headless-checkout-proxy

Warn

Audited by Snyk on Apr 6, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill explicitly implements an order placement flow that performs real payment submission. In orderRoutes.post("/place") it calls a VTEX payments endpoint (POST /api/payments/transactions/{transactionId}/payments) with paymentData and includes VTEX_APP_KEY / VTEX_APP_TOKEN headers. The skill's primary purpose is checkout/order placement (place → send payment → process) and it directly sends payment transactions to a payment API. This matches the "Payment Gateways" / "Send Transaction" criteria for Direct Financial Execution.

Issues (1)

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata

Risk Level: MEDIUM
Analyzed: Apr 6, 2026, 07:41 PM
Issues: 1