oracle-fusion-cloud-financials

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The skill requires installing and running the Membrane CLI (npm install -g @membranehq/cli — https://www.npmjs.com/package/@membranehq/cli), which fetches and executes remote package code that the skill depends on at runtime.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is an integration for Oracle Fusion Cloud Financials — a purpose-built financial management system that explicitly includes entities like Payment, Invoice, Journal Entry, General Ledger, Supplier, Customer. It exposes run-able actions via the Membrane CLI and a proxy request mechanism that supports POST/PUT/PATCH/DELETE, allowing creation/modification of financial records (including Payments). Because it is specifically designed to manage financial operations and can issue write/transactional requests (not just read-only queries), it grants direct financial execution capability.