pp-pagliacci

Warn

Audited by Snyk on May 28, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill exposes explicit order/payment actions and gift-card transfers. Examples: pagliacci-pp-cli cart send_order ("Submit an order. Requires payment information for guests; uses stored payment for authenticated users"), pagliacci-pp-cli orders reorder can recreate and (with --send) submit an order, and pagliacci-pp-cli gifts transfer transfers gift card balance to another account. These are domain-specific financial execution operations (submitting transactions/charging stored payment and moving gift-card value), not just generic HTTP or browser automation.

Issues (1)

W009
MEDIUM

Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata
Risk Level
MEDIUM
Analyzed
May 28, 2026, 10:00 PM
Issues
1
Security Audit — snyk — pp-pagliacci