cloudbeds-api
Warn
Audited by Snyk on Apr 22, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.80). The skill explicitly instructs agents to add and use the external MCP server at https://developers.cloudbeds.com/mcp at runtime to provide LLM-facing docs and integration code (which can directly control agent context/prompts), so this runtime dependency is a high-confidence prompt-control risk.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill explicitly exposes Cloudbeds payment APIs and endpoints used to move money: e.g., the Payments product base (api.payments.cloudbeds.com/ Payments Vault v1 / Pay-By-Link v2), and core endpoints such as postCharge, postPayment, postCreditCard, postVoidPayment. It documents payment flows (Vault tokenization, Pay-By-Link, Payment Element web component) and Stripe passthrough. These are specific, purpose-built payment operations (creating charges, tokenizing cards, sending payments), not generic HTTP or browser tooling; thus it grants direct financial execution capability.