pci-compliance

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly built for payment processing and PCI compliance and includes concrete, specific payment-gateway code. For example, the TokenizedPayment.charge_with_token method calls stripe.Charge.create with stripe.api_key set (server-side charging), and there are server-side Stripe examples for storing payment methods (stripe.Customer.modify). These are direct integrations with a payment gateway (Stripe) that perform charges and manage payment methods — i.e., explicit capability to send financial transactions. Therefore it grants Direct Financial Execution authority.