ops-settings

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill's smoke tests run "npx -y @dopplerhq/mcp-server --help", which fetches and executes remote npm package code from the npm registry (e.g. https://registry.npmjs.org/@dopplerhq/mcp-server) at runtime, so it executes remote code as a required runtime dependency for the Doppler MCP check.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly manages payment-gateway credentials (Stripe) and includes concrete Stripe API calls (curl to https://api.stripe.com/v1/balance) as probe and smoke-test steps. It allows updating and storing Stripe secret keys (masked display, writing to preferences.json) and immediately exercising them via API. This is a specific, non-generic integration with a payment gateway, which meets the "Direct Financial Execution" criteria.