woo-payments

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). SKILL.md's "Before writing code" explicitly instructs the agent to web-search public sites (e.g., "woocommerce payment gateway tutorial") and to fetch the public URL https://woocommerce.github.io/code-reference/classes/WC-Payment-Gateway.html, meaning the agent will retrieve and act on content from open/public third-party web pages that can influence implementation decisions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly for implementing WooCommerce payment gateways and includes concrete methods and workflows that move money: calling payment processor APIs in process_payment, handling refunds via process_refund, tokenization/saved payment methods, webhook/IPN handling to confirm payments, and marking orders paid with transaction IDs. These are specific, finance-focused capabilities (payment processing, refunds, tokenization) rather than generic tooling, so it provides direct financial execution authority.