setup-hitpay

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly a HitPay payment-gateway integration: it documents concrete API bases and endpoints (e.g., POST /v1/payment-requests, GET /v1/payment-requests/{id}), the X-BUSINESS-API-KEY auth header, webhook signing and verification, settlement rules (when to mark orders paid), refunds and payouts, and environment-specific keys/salts. Those are specific, purpose-built financial operations (creating payment requests, settling payments, refunds/payouts), not generic tooling. Under the "Specificity vs Genericity" rule this is a direct financial execution capability.