grow-payment-gateway

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly calls Grow's public API endpoints (https://sandbox.meshulam.co.il and https://secure.meshulam.co.il) and requires handling incoming webhook payloads and payment-page URLs (from createPaymentProcess), which are untrusted, user-generated third‑party content that the agent must read and act on (e.g., calling approveTransaction), so it can enable indirect prompt injection.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly a payment-gateway integration for Grow/Meshulam and documents server-side API endpoints that create payments, charge saved tokens, manage recurring billing, create payment links, process refunds/cancellations, settle delayed transactions, and call approveTransaction. These are concrete, payment-specific operations (e.g., createPaymentProcess, createTransactionWithToken, refundTransaction, cancelBitTransaction, settleSuspendedTransaction, updateRecurringPayment) that move or control funds rather than being generic automation or HTTP tooling. Therefore it grants Direct Financial Execution capability.