xero
Warn
Audited by Snyk on Apr 27, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is explicitly an accounting integration (Xero via Apideck) and its primary surface is financial operations: it exposes full CRUD for invoices, bills, and importantly "payments" and manual journal entries, and includes examples for creating invoices and recording/reconciling payments. This is a purpose-built, specific financial API (not a generic browser or HTTP tool) that can be used to create or modify financial transactions and records, so it constitutes direct financial execution capability.
Issues (1)
- MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
Audit Metadata