plaid
v0.0.3
plaid-cli: a CLI for interacting with the Plaid finance platform. Link accounts from various institutions, query balances, and transactions by date range listing accounts/balances.
⭐ 4· 2.5k·7 current·7 all-time
by @jverdi
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
Name/description align with a Plaid CLI (link accounts, query balances/transactions) and the skill requires the plaid-cli binary (install provided). However, the SKILL.md clearly instructs the user to export PLAID_CLIENT_ID, PLAID_SECRET, and PLAID_ENVIRONMENT and references ~/.plaid-cli config/data storage, yet the registry metadata lists no required environment variables and no required config paths — this mismatch is unexpected and unexplained.
Instruction Scope
Runtime instructions stay within Plaid-related actions (linking, listing accounts, fetching transactions) and explicitly warn about not printing secrets. They also instruct storing tokens/local state under ~/.plaid-cli and show examples that could reveal tokens if the agent runs the discouraged `plaid-cli tokens` command. The instructions do not ask the agent to read unrelated system files, but they do rely on env vars and a config file that the skill metadata does not declare.
Install Mechanism
Install is a go module install (github.com/jverdi/plaid-cli@0.0.2) that builds the plaid-cli binary. Pulling a public Go module is a common mechanism; this is moderate risk (unreviewed code) but not inherently suspicious compared with arbitrary URL downloads or extracts.
Credentials
The SKILL.md requires PLAID_CLIENT_ID, PLAID_SECRET, and PLAID_ENVIRONMENT (and optionally other PLAID_* vars) but the skill metadata declares no required environment variables and no primary credential. This omission is disproportionate: a Plaid integration legitimately needs credentials, and they should be declared so users and the platform can reason about secret usage.
Persistence & Privilege
The skill does not request always:true and does not request unusual privileges. It does read/write to ~/.plaid-cli (per instructions) and suggests storing tokens there; however those paths are not declared in the skill metadata. Autonomous invocation is allowed (platform default) — combined with the missing credential declarations this increases the importance of reviewing what the agent will do with credentials.
What to consider before installing
This skill appears to wrap a Plaid CLI and is plausible for its stated purpose, but the metadata is incomplete: it does not declare the PLAID_* environment variables or the ~/.plaid-cli config/data path that the instructions require. Before installing, verify the upstream source (github.com/jverdi/plaid-cli), review the CLI's code/release to ensure it behaves as expected, and prefer installing the plaid-cli binary yourself rather than allowing an automated install. Store PLAID_CLIENT_ID and PLAID_SECRET securely (not in plain shell history), and avoid running commands that print access tokens (the SKILL.md warns about `plaid-cli tokens`). If the publisher updates the skill to explicitly declare required env vars and config paths and provides a verifiable homepage/repo, the coherence concerns would be resolved.
Like a lobster shell, security has layers — review code before you run it.
Tags: bank, banking, finance, latest, money, transactions
Runtime requirements
💳 Clawdis
Bins: plaid-cli
Install
Install plaid-cli (go)
Bins: plaid-cli
go install github.com/jverdi/plaid-cli@0.0.2