Skill
Warn. Audited by ClawScan on May 10, 2026.
Overview
This is a legitimate-looking banking automation skill, but it gives an agent broad financial authority through an unpinned GitHub MCP server and only partly defines approval boundaries.
Install only if you intentionally want an agent to operate a Brighty banking account. Review and pin the GitHub MCP server first, use the most limited API key and account limits available, and require manual confirmation for every payment, transfer, card, account, or team-management action.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked incorrectly or too autonomously, the agent could move funds, prepare or execute batch payments, issue or change cards, or alter business account access.
The tool set includes direct money movement and business account administration. The skill does include confirmation for payout execution, but the artifacts do not clearly require explicit user approval for all other sensitive account, card, transfer, and team mutations.
`brighty_create_external_transfer` — add fiat (IBAN) or crypto transfer to payout ... `brighty_start_payout id=UUID` — execute all transfers in batch ... `brighty_add_members emails=a@b.com,c@d.com role=ADMIN|MEMBER`
Require explicit user confirmation for every financial, card, account, and team-management mutation; show recipients, amounts, accounts, fees, and irreversible effects before execution; prefer spending limits and least-privilege API access where available.

Anyone or any agent process with access to the API key may be able to perform owner-authorized banking actions through the exposed tools.
The required API key is expected for this banking integration, but it represents owner-delegated authority over financial and business-account operations.
Only the business **owner** can do this. ... All actions performed through this skill are executed on behalf of the business owner.
Store the API key only in the local environment, rotate it if exposed, avoid putting it in chat or memory, and use the narrowest API permissions Brighty supports.

A changed or compromised upstream GitHub package could receive the Brighty API key and perform banking actions under the user's account.
The skill runs an unpinned GitHub-hosted MCP package via npx and passes it the banking API key. The actual server code is not included in the reviewed artifacts.
`"command": "npx", "args": ["-y", "github:Maay/brighty_mcp"], "env": { "BRIGHTY_API_KEY": "${BRIGHTY_API_KEY}" }`
Pin the dependency to a reviewed commit or release, inspect the MCP server source before use, and run it only with a restricted API key and monitored account limits.
