Copilot Money Skill
Pass. Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: copilot-money
Version: 1.1.2
The skill instructs the agent to install and utilize the `copilot-money-cli` tool. A key feature of this tool, as described in SKILL.md, is its ability to 'auto-detect' and read 'your browser's local IndexedDB storage to find your Copilot Money session token' for authentication. While the documentation claims this process is local and data is only sent to Copilot Money's API, the instruction to install and execute a tool with the capability to access sensitive browser storage for session tokens is a high-risk operation, classifying it as suspicious.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The installed tool could access your Copilot Money account and sensitive financial information using a browser-derived session token.
The skill directs use of a tool that extracts a financial-service session/refresh token from local browser storage. This is high-impact credential access, and the registry metadata declares no primary credential or required config paths.
The CLI auto-detects your Copilot Money refresh token from supported browsers on macOS... reads your browser's local IndexedDB storage to find your Copilot Money session token.
Only use this if you trust the package and understand the credential access. Prefer manual token entry if available, inspect the package/source first, and revoke or rotate the Copilot Money session if you stop using it.
You would be trusting an unreviewed third-party package with access to financial credentials and account data.
The reviewed skill is instruction-only and sends users to install an external CLI package. Because that package is not included in the artifacts, its handling of browser tokens and financial data cannot be reviewed here.
pip install copilot-money-cli
Verify the package maintainer and source repository, pin the package version, install in an isolated environment, and review the code before allowing it to read browser session storage.
If invoked, the tool may contact financial institutions through Copilot Money to refresh linked account data.
The CLI can trigger a refresh of all linked bank connections. This is aligned with the stated finance-sync purpose, but it is still an account-affecting external action.
copilot-money refresh # Refresh all bank connections
Run refresh commands only when you intend to sync bank data, and confirm which Copilot Money account/session the CLI is using.
Account balances, transactions, net worth, and holdings could appear in chat context or command output.
The skill is designed to retrieve highly sensitive personal finance data into the agent or terminal context. This is purpose-aligned, but users should treat the outputs as private.
Query Copilot Money personal finance data (accounts, transactions, net worth, holdings, asset allocation)
Avoid using this skill in shared sessions, do not paste outputs into unrelated tools, and be careful with JSON exports or saved transcripts.
