samcart

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill instructs running npx/npm to fetch and execute the Membrane CLI (e.g., npx @membranehq/cli@latest which pulls code from the npm registry such as https://registry.npmjs.org/@membranehq/cli), which is a runtime fetch that executes remote code and is a required dependency for the skill.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The SamCart skill is an integration for an e-commerce/payments platform and explicitly exposes financial-related objects and operations (Orders, Subscriptions, Payouts, Refunds, Commissions, Payments/API Keys). Via Membrane actions the agent can run operations against SamCart (create/run actions, pass inputs, etc.), which can include issuing refunds, managing payouts/subscriptions, and otherwise affecting money flow. This is a specific financial-execution integration (not a generic browser/API caller), so it meets the "direct financial execution" criteria.