holded
Warn
Audited by Snyk on Apr 25, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The Holded skill is a dedicated business/accounting integration (invoices, bills, payments, purchase orders, credit notes, etc.) and exposes actions to create and modify financial documents. It also provides a Membrane proxy to call Holded API endpoints (POST/PUT/DELETE) and run actions like "create-document" — functionality that can directly record or trigger payment-related transactions. This is not a generic browser or HTTP tool: the skill's primary and explicit domain is financial/business operations, including "Payment" and related resources, so it enables direct financial execution.
Issues (1)
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
Audit Metadata