github-copilot

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill exposes GitHub Copilot billing and subscription management endpoints (e.g., add/remove seats, add/remove teams, billing info endpoints). Those operations explicitly modify an organization's subscription and billing state (creating/cancelling seats), i.e., they can cause charges or change billed quantities. This is a specific, non-generic financial operation (subscription/billing management), not merely a generic HTTP or browser tool.