square-automation

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill requires adding and querying the MCP server at https://rube.app/mcp at runtime (via RUBE_SEARCH_TOOLS / RUBE_MANAGE_CONNECTIONS) to obtain tool schemas that directly determine agent behavior and prompts, so this external endpoint can control the agent's instructions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly built around Square (a payment gateway) and exposes specific payment- and invoice-related operations: listing and cancelling payments (SQUARE_LIST_PAYMENTS, SQUARE_CANCEL_PAYMENT), invoice cancellation (SQUARE_CANCEL_INVOICE), and other order/payment management actions. It requires an active Square connection and OAuth. These are specific, financial API actions (not generic browser or HTTP tools), so it provides direct financial execution capability.