NYC

billing-automation

Warn

Audited by Snyk on Feb 16, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill explicitly integrates with a payment gateway: the BillingEngine.charge_customer method calls stripe.Charge.create(...) to charge a customer's saved payment method. The skill contains concrete, purpose-built functions to generate invoices, attempt payments, mark invoices paid, retry/handle failed charges (dunning), and advance billing — i.e., it is expressly designed to move money via a payment processor (Stripe). This meets the “Direct Financial Execution” criteria.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 16, 2026, 03:46 AM