prestashop

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). Yes. This skill is a dedicated PrestaShop e‑commerce integration (not a generic HTTP or browser tool) and explicitly exposes commerce/payment-related resources such as "Order", "Order Payment", "Order Slip", "Cart", "Currency", "Discount", "Price Rule", etc. It also documents running Membrane actions and proxying arbitrary requests to the PrestaShop API (including POST/PUT/PATCH/DELETE). That combination (a purpose-built e‑commerce connector plus the ability to run authenticated API actions/requests that can modify orders and payments) constitutes direct financial execution capability (e.g., charging, refunding, changing payment status, creating orders). Therefore it should be flagged.