Skills
skills/xiaowen-0725/openydt-cli/openydt-billing/Snyk

openydt-billing

Warn

Audited by Snyk on Jun 13, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). 该技能集明确包含用于执行和记录“缴费/回传/补缴/预存/自动扣费/预置积分” 的写操作接口(如 openydt trade pay-park-fee、payback-batch、set-prestore-for-c-park、set-prestore-for-c-park-first-pay-before-leave、set-points 等),需要提交实付金额(act-pay-charge)、第三方订单号(billCode/thirdBillCode)、支付方式(payment-mode)、并且对缴费幂等/账单生效有严格说明。功能的主要意图即是发起/回写支付与管理预存/自动扣费,属于明确的支付执行能力,而非通用浏览或通用 API 调用抽象。

Issues (1)

W009
MEDIUM

Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 13, 2026, 01:16 PM
Issues
1
Security Audit — snyk — openydt-billing