devops

Warn

Audited by Snyk on Feb 16, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill includes explicit FinOps functionality and a concrete example of creating/updating cloud budgets via the AWS Budgets API (Terraform resource aws_budgets_budget). That is a specific API for managing financial budgets (programmatic budget creation/notifications), which meets the "API to update budget" criterion for Direct Financial Execution. No payment gateways, banking APIs, crypto, or market-order APIs are present, but the budget-management API is sufficient to flag risk.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill includes explicit, actionable instructions and examples for system-level changes (useradd, /etc/passwd, /etc/sudoers.d, systemd service files, systemctl commands, SSH key management, sysctl edits, and SSM commands that write to /opt/… and restart services), which push an agent to modify the host system state and require elevated privileges.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 16, 2026, 12:48 PM