ai-agent-card-payments

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly designed for payments: it issues virtual cards, creates "intents" for purchases, enables autonomous purchasing within policy, and exposes sensitive card data (proxy.cards.get_sensitive) for completing checkouts. It also provides transaction and receipt APIs (proxy.transactions.*, proxy.receipts.attach) and workflows to request approvals for high-value spend. These are specific financial execution capabilities (virtual card issuance and transaction initiation), not generic tools, so it grants direct financial execution authority.