extension-backend

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly includes payment-related functionality: it lists "payment webhooks (Stripe, Paddle, etc.)", defines a POST /webhook/stripe endpoint and a webhook.service to "Process payment events", and supports license/subscription verification. These are specific payment gateway integrations (Stripe/Paddle) rather than generic tooling, and the skill is explicitly designed to handle payment events and subscription verification. Therefore it grants direct financial execution-related capability.