headless-checkout-proxy

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly designed to perform checkout and order placement including a concrete "send payment" step against VTEX payment endpoints. It defines attaching paymentData, building a payments transaction POST (paymentUrl = https://{account}.{env}.com.br/api/payments/transactions/{transactionId}/payments), and uses VTEX API credentials (X-VTEX-API-AppKey / X-VTEX-API-AppToken) to submit payment payloads. These are specific payment gateway operations (sending payments/transactions), not generic HTTP or automation—i.e., the tool's primary and explicit definition is to execute financial transactions.