Revolut Business
Warn. Audited by ClawScan on May 10, 2026.
Overview
This is a coherent Revolut Business CLI, but it grants persistent business-banking access and can move or exchange money, including a no-confirm payment mode.
Review carefully before installing. Only use this if you intentionally want an agent to access a Revolut Business account and potentially perform payments, FX exchanges, and transfers. Protect ~/.clawdbot/revolut, avoid no-confirm payment options, require manual approval for every fund-moving action, and inspect or harden the setup script before running it.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing and authenticating this skill can give the agent ongoing access to business account data and authorized Revolut API actions.
The skill needs persistent credentials and OAuth tokens for a business banking account, while the registry metadata says there is no primary credential or required env var. That under-declares the privilege boundary a user is granting.
Stored in `~/.clawdbot/revolut/`:
- `private.pem` — RSA private key (for JWT signing)
- `tokens.json` — OAuth tokens (auto-managed)
...
Environment variables (in `.env`):
- `REVOLUT_CLIENT_ID`
Declare the required credentials/env vars in metadata, document the exact API scopes/permissions requested, and advise users to use the least-privileged Revolut certificate and protect the token directory.
If invoked incorrectly or too broadly, the agent could initiate payments, exchange funds, or transfer money between business accounts.
The skill exposes money-moving and currency-exchange operations, including a documented no-confirm payment path, without clear artifact-level rules requiring explicit user approval for every high-impact transaction.
# Send payment (with confirmation prompt)
python3 {baseDir}/scripts/revolut.py pay ...
# Skip confirmation
python3 {baseDir}/scripts/revolut.py pay ... -y
...
python3 {baseDir}/scripts/revolut.py exchange --amount 100 --sell EUR --buy USD
...
python3 {baseDir}/scripts/revolut.py transfer --from-account <ID> --to-account <ID> --amount 100
Require explicit per-transaction user approval, discourage or disable `--yes` for agent use, and document confirmation behavior for FX and internal transfers.
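One way to implement the per-transaction approval recommended above, written here as an added example rather than code from the skill: the approval token is a digest of the canonical action and parameters, so a human's approval cannot be replayed against a different amount or account, and the `-y` style bypass is simply never honoured for the pay, exchange and transfer actions. Function and parameter names are assumptions for illustration.

```python
import hashlib
import hmac
import json

# Actions that move money (the pay / exchange / transfer subcommands above).
MONEY_MOVING = {"pay", "exchange", "transfer"}


def approval_token(action, params):
    """Digest of the canonical transaction. Key order is normalised, so the same
    transaction always yields the same token and any changed field yields a new one."""
    canonical = json.dumps({"action": action, "params": params},
                           sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()[:10]


def approval_prompt(action, params):
    """Text a human should see before approving; returns (prompt, expected token)."""
    token = approval_token(action, params)
    summary = ", ".join(f"{k}={v}" for k, v in sorted(params.items()))
    return f"{action}: {summary}\nType {token} to approve: ", token


def is_approved(action, params, typed_token=None, skip_confirmation=False):
    """True only when a human typed the token for exactly this transaction.

    skip_confirmation models the CLI's -y flag. It is deliberately ignored for
    money-moving actions, so an agent that passes -y still cannot self-approve."""
    if action not in MONEY_MOVING:
        return True  # read-only actions need no prompt
    if typed_token is None:
        return False
    return hmac.compare_digest(typed_token, approval_token(action, params))


if __name__ == "__main__":
    # Constructed sample transaction (not a real account or counterparty).
    tx = {"amount": "100", "currency": "EUR", "counterparty": "cp-demo"}
    prompt, expected = approval_prompt("pay", tx)
    print(prompt)
    print("approved with token:", is_approved("pay", tx, expected))
    print("approved with -y only:", is_approved("pay", tx, skip_confirmation=True))
    print("token reused for a bigger amount:",
          is_approved("pay", {**tx, "amount": "10000"}, expected))
```

The token is short because it is an approval binding, not a secret: it only has to make "approve this exact transaction" explicit and non-transferable, and the comparison is constant-time out of habit rather than necessity.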
During setup, a crafted or copied value could run arbitrary shell commands on the user's machine.
Interactive values such as certificate common name, organization, and country are interpolated into a shell command executed with shell=True. Shell metacharacters in those fields could execute unintended local commands.
def run(cmd):
    return subprocess.run(cmd, shell=True, capture_output=True, text=True)
...
r = run(f'openssl req -new -x509 -key "{PRIVATE_KEY}" -out "{CERTIFICATE}" '
        f'-days 730 -subj "/CN={cn}/O={org}/C={country}"')
Use subprocess.run with an argument list and shell=False, validate certificate fields, and avoid placing user input inside shell command strings.
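The injection path and the recommended fix side by side, as an added example that is not the skill's own code. `shell_commands` tokenizes the interpolated string the way a POSIX shell would and shows that a crafted common name turns one openssl invocation into three commands; `safe_openssl_argv` applies an allow-list to each prompted field and builds an argument list for `shell=False`, so nothing the user typed is ever shell-parsed. The key and certificate paths, the allow-list patterns and the function names are assumptions for illustration.

```python
import re
import shlex
import subprocess

# Stand-ins for the skill's PRIVATE_KEY / CERTIFICATE constants (assumed paths).
PRIVATE_KEY = "/tmp/revolut-demo/private.pem"
CERTIFICATE = "/tmp/revolut-demo/cert.pem"

# Allow-lists for the prompted subject fields (assumed policy, not the skill's own).
# CN and O: letters, digits, space and a few punctuation marks; C: ISO 3166 alpha-2.
# Neither class admits a shell metacharacter or openssl's -subj separators ('/', '+').
_NAME_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9 .,'_-]{0,63}")
_COUNTRY_RE = re.compile(r"[A-Z]{2}")


def vulnerable_command(cn, org, country):
    """The flagged pattern: prompted values interpolated into one shell string."""
    return (f'openssl req -new -x509 -key "{PRIVATE_KEY}" -out "{CERTIFICATE}" '
            f'-days 730 -subj "/CN={cn}/O={org}/C={country}"')


def shell_commands(cmd):
    """Tokenize cmd as a POSIX shell would and split it into the separate simple
    commands the shell would run (split on ';', '&&', '||' and '|')."""
    lexer = shlex.shlex(cmd, posix=True, punctuation_chars=True)
    lexer.whitespace_split = True
    commands, current = [], []
    for tok in lexer:
        if tok in (";", "&&", "||", "|"):
            commands.append(current)
            current = []
        else:
            current.append(tok)
    if current:
        commands.append(current)
    return commands


def is_valid_subject(cn, org, country):
    """True when every prompted field matches its allow-list in full."""
    return all(m is not None for m in (_NAME_RE.fullmatch(cn),
                                       _NAME_RE.fullmatch(org),
                                       _COUNTRY_RE.fullmatch(country)))


def safe_openssl_argv(cn, org, country):
    """Hardened form: validate first, then build an argument list. With shell=False
    each element reaches openssl as exactly one argv entry, whatever it contains."""
    if not is_valid_subject(cn, org, country):
        raise ValueError("certificate subject fields contain disallowed characters")
    return ["openssl", "req", "-new", "-x509", "-key", PRIVATE_KEY, "-out", CERTIFICATE,
            "-days", "730", "-subj", f"/CN={cn}/O={org}/C={country}"]


def run_safe(cn, org, country):
    """Execute the hardened command; shell=False is subprocess.run's default."""
    return subprocess.run(safe_openssl_argv(cn, org, country),
                          capture_output=True, text=True)


if __name__ == "__main__":
    payload = 'x"; echo INJECTED; echo "'  # constructed malicious CN, harmless echo
    for argv in shell_commands(vulnerable_command(payload, "Acme", "GB")):
        print("shell would run:", argv)
    print(safe_openssl_argv("Acme Ltd", "Acme", "GB"))
    try:
        safe_openssl_argv(payload, "Acme", "GB")
    except ValueError as exc:
        print("rejected:", exc)
```

Running the module prints the three commands the shell would execute for the crafted CN, then the hardened argv for a benign subject and the rejection of the crafted one. The allow-list matters even with `shell=False`: `/` and `+` are not shell metacharacters, but they would let a user add or split RDNs inside the `-subj` value.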
