odoo-month-end-close

Warn

Audited by Snyk on Jul 2, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly an Odoo accounting month-end close playbook (requires the account module) and defines concrete write actions for financial records: posting drafts, correcting fields, reconciling, deleting, and state changes. It names the write workflow functions (preview_write → validate_write → execute_approved_write(confirm=true)) and references reconciliation/posting operations. Although it mandates per-batch human approval, the skill clearly provides the agent with APIs to make authoritative changes to financial ledgers—i.e., direct financial execution within an accounting system. This is specific to finance (not a generic browser or HTTP tool), so it meets the threshold for direct financial execution authority.

Issues (1)

W009
MEDIUM

Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jul 2, 2026, 05:44 PM
Issues
1
Security Audit — snyk — odoo-month-end-close