Copilot Money Mac
ReviewAudited by ClawScan on May 10, 2026.
Overview
This skill is narrowly aimed at reading local Copilot Money databases for finance questions, but the data it exposes to the agent is highly sensitive.
Install this only if you want the agent to answer questions using your local Copilot Money data. Keep requests narrow, avoid broad transaction dumps, and remember that even without external API calls in the skill, the financial results may be visible in the agent session.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Your transactions, balances, budgets, recurring payments, and investment details may be visible to the agent and reflected in its responses.
The skill intentionally retrieves sensitive personal-finance data into the agent's working context so it can answer user questions.
analyze transactions, spending patterns, account balances, investments, and budgets
Use it only for finance questions you intend the agent to answer, and ask for summaries or limited date ranges instead of broad data dumps.
The agent may run local shell commands that read your Copilot Money database and return financial records.
The skill instructs the agent to run local command-line tools against app data; this is central to the purpose and the examples are read-oriented, but users should notice the direct local file access.
sqlite3 ~/Library/Group\ Containers/group.com.copilot.production/database/CopilotDB.sqlite "YOUR_QUERY"
Keep queries user-directed, prefer bounded SELECTs with LIMITs or date filters, and avoid asking the agent to dump entire tables unless you really need that.
Installation compatibility and provenance are less clear, though no unreviewed scripts or packages are included.
The reviewed skill is instruction-only and has no hidden code, but its provenance and runtime requirements are under-described relative to its macOS/sqlite3-based instructions.
Source: unknown; Homepage: none; OS restriction: none; Required binaries ... none
Confirm you trust the publisher and that you are on macOS with Copilot Money and the needed local tools available.
A user might underestimate how much financial detail the agent will see while answering questions.
The artifacts show no skill-side network calls, but users should read this privacy statement narrowly because query results can still enter the agent session depending on how the agent is configured.
All data stays local - this skill queries the local databases directly on your Mac. No data is sent to external services.
Treat returned query results as sensitive and avoid exposing more transaction detail than needed.