sage-300

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). Yes. The skill is an explicit integration with an ERP (Sage 300) whose documented surface includes finance-specific entities and actions (Bank, Transaction, Invoice, Receipt, Payment, Deposit, Reconciliation, Journal Entry, etc.). It instructs using Membrane to list and run concrete actions or proxy API requests (with authentication handled) against Sage 300 endpoints. That combination enables creating/updating payments, deposits, transactions and other bank-related records — i.e., sending financial transactions — not just generic browsing or HTTP calls. Therefore it provides direct financial execution capability.