Budgetly
PassAudited by ClawScan on May 1, 2026.
Overview
Budgetly appears to be a local, purpose-aligned budgeting tool, but users should notice that it stores financial notes in plaintext local files and its install metadata is incomplete.
Budgetly looks appropriate for local budget tracking. Before installing, confirm the script source and install path, and remember that the finance data you enter is saved as plaintext under your home directory and should not include passwords, bank login details, or information you would not want other local tools to read.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone or any tool with access to the user's local files could read the saved spending, balance, tax, or budget notes.
The skill intentionally keeps user-entered financial data in persistent plaintext local logs, which is purpose-aligned but sensitive.
All entries are timestamped and stored in plain-text log files... All data is stored in `~/.local/share/budgetly/`
Avoid storing highly sensitive account details or secrets in entries, protect the local data directory, and review exported files before sharing them.
A user may need to verify how the `budgetly` command is installed and that the script being run matches the reviewed artifact.
The package includes a Bash script and documents a CLI command, but the install mechanism and required runtime binaries are not declared in the registry metadata.
No install spec — this is an instruction-only skill. Code file presence: scripts/script.sh
Install only from the expected source, inspect the script before placing it on PATH, and ensure Bash and the documented Unix utilities are available.