vendasta

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is an API integration with Vendasta (via the Membrane CLI/proxy) and explicitly lists financial entities and operations—Invoice, Payment, Refund, Credit Note, Billing Profile, Ledger Entry, Subscription, etc. It documents running pre-built actions and proxying arbitrary Vendasta API requests (including POST/PUT/PATCH) with authenticated connections. Those capabilities expose Vendasta endpoints that can create payments, issue refunds, update invoices/ledgers, and otherwise perform money-moving operations. Because the skill includes explicit, platform-level payment/refund/invoice actions (not just generic browsing or HTTP callers), it grants direct financial execution authority.