supastarter-nextjs

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly built for a SaaS starter kit with integrated billing and subscriptions. It names payment providers (Stripe, Lemonsqueezy, Polar), references payment configuration files (apps/web/config/payment.ts), webhook handlers (packages/api/src/webhooks/), and environment variables like STRIPE_SECRET_KEY and STRIPE_WEBHOOK_SECRET. These are specific integrations for payment gateways and processing subscriptions/invoices (i.e., moving money), not generic developer tooling. Therefore it grants direct financial execution capability.