retool

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly includes payment gateway integration and an example that issues a Stripe refund via the Stripe API (POST https://api.stripe.com/v1/refunds with Authorization: Bearer {{ STRIPE_KEY }}). The JS button handler triggers the refundQuery to process refunds. This is a specific, built-in financial execution action (payment gateway transaction), not a generic tool, so it grants direct financial execution capability.