alipay-payment-integration

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The Skill explicitly requires runtime curl fetches of Alipay online documentation (e.g., https://ideservice.alipay.com/cms/site/0izcu3) and mandates recursively reading those fetched pages to drive the agent's prompts and answers, so this external content directly controls agent behavior and is a required dependency.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). This Skill is explicitly designed to integrate and operate a payment gateway (Alipay). It documents specific payment APIs and flows (e.g., alipay.trade.pay, alipay.trade.app.pay, alipay.trade.precreate, alipay.fund.auth.order.app.freeze, JSAPI/App/WAP/PC payments, merchant deductions, pre-authorization and recurring/automatic deductions), describes sandbox and production endpoints, signing/verification requirements, and integration/transaction handling. Those are specific tools and interfaces to initiate and manage financial transactions (i.e., send payments, freeze/authorize funds, perform merchant deductions), not generic tooling. Therefore it grants Direct Financial Execution capability.