refund-and-reorder

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly performs irreversible financial mutations via Shopify API operations: it calls the refundCreate GraphQL mutation to process refunds (not just query or prepare data) and can create draft orders (draftOrderCreate). The prerequisites and GraphQL operations, plus the Safety note ("refundCreate cannot be undone") and required write scopes, make clear this skill's primary purpose is to execute money-moving operations (issuing refunds). This matches "Direct Financial Execution" (sending transactions), not a generic tool.