q2

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill requires fetching and running the Membrane CLI from npm (commands shown: "npm install -g @membranehq/cli@latest" and "npx @membranehq/cli@latest"), which downloads and executes remote code at runtime and is relied on by the skill.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is a purpose-built integration with Q2, a banking platform, and exposes domain-specific financial entities and actions (Payments, Refunds, Orders, Subscriptions, Invoices, etc.). It uses the Membrane CLI to create connections and run actions against Q2 (membrane action run ...), and Membrane handles auth so the agent can execute those actions. Because the integration is explicitly for a banking API and lists payment/refund/order operations that can be run, it constitutes direct financial execution capability.