civicrm

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). CiviCRM skill exposes domain-specific financial actions (e.g., "Create Contribution", "Create Payment", "List/Update Contributions") and multiple financial entities (Entity Financial Account, Financial Item, Financial Type, Line Item, Pledge, Payment, Recurring Entity). Those are explicit, purpose-built operations to create and manage payments/donations rather than generic tooling. Through Membrane's action run / proxy functionality the skill can invoke CiviCRM endpoints that perform payment-related transactions. Even though it doesn't name Stripe/PayPal explicitly, the presence of concrete "create payment/contribution" actions constitutes direct financial execution capability.