php-point-of-sale

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill requires fetching and running the Membrane CLI at runtime (e.g., "npm install -g @membranehq/cli@latest" and "npx @membranehq/cli@latest ..."), which downloads and executes remote code that the skill relies on.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). This skill integrates directly with a Point-of-Sale system (PHP Point of Sale) and exposes commerce-specific entities such as "Sale", "Payment", "Gift Card", "Store Credit", and "Register". It documents using Membrane actions (action run / action create) against a connected PHP Point of Sale instance, with Membrane handling auth so the agent can run actions that create or modify sales/payments. Because its primary and explicit purpose includes creating and managing payments/sales (i.e., moving money or executing transactions), it meets the criteria for Direct Financial Execution.