open-accounting

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly an accounting/bookkeeping integration (Open Accounting) and exposes domain-specific financial entities and actions such as Payment, Transfer, Bill, Invoice, Budget, Journal Entry, etc. It uses the Membrane CLI to discover and run actions (e.g., action run with JSON input) against the Open Accounting connector, and even supports creating custom actions. Those actions can be specific operations like creating payments, transfers, or updating budgets — i.e., directly performing financial operations rather than generic browsing or HTTP calls. This meets the "specific tools to move/manage money" criteria, so it should be flagged.