Skills
skills/wechatpay-apiv3/wechatpay-skills/wechatpay-basic-payment/Snyk

wechatpay-basic-payment

Warn

Audited by Snyk on Apr 8, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). 该技能明确针对微信支付(支付网关)场景设计,主要功能包括:下单/调起支付、支付回调处理、订单查询/关单、退款、账单下载与对账、分账(分润)、特约商户进件与开户意愿确认等。文档中还包含接口示例、排障脚本(查询订单.py、查询退款.py)及签名/验签规范,都是为调用支付/退款等金融交易 API 而设。按决策逻辑——这是一个专门用于“发送交易/处理支付”的工具(非泛化浏览或通用 API 调用器),其主要定义即为执行和管理资金相关操作,因此应视为具有直接金融执行能力。

Issues (1)

W009
MEDIUM

Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 8, 2026, 08:00 AM
Issues
1