Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Personal Finance Tracker

v0.5.0

Manage personal finances: record expenses, income, transfers, check balances, and generate reports. TRIGGER when: user asks to record a transaction, expense,...

by Chernenko Ivan (@spotsccc)

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for spotsccc/spotsccc-finance.

Prompt preview (Install & Setup):
Install the skill "Personal Finance Tracker" (spotsccc/spotsccc-finance) from ClawHub.
Skill page: https://clawhub.ai/spotsccc/spotsccc-finance
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install spotsccc-finance

ClawHub CLI


npx clawhub@latest install spotsccc-finance

Security Scan

Capability signals
Crypto: Requires wallet
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal
Benign
View report →
OpenClaw
Suspicious
medium confidence
Purpose & Capability (!)
The SKILL.md explicitly requires running an external 'assistant' CLI to talk to a PostgreSQL store, yet the registry metadata lists no required binaries, no installation, and no environment variables/credentials. That is inconsistent: a finance tracker that reads/writes transactions normally needs a CLI binary or DB connection info. The skill source/homepage is unknown, so there is no place to verify what the 'assistant' CLI is or how it authenticates.
Instruction Scope
Runtime instructions are narrowly focused on finance operations (get-wallets, create-expense, spending-report) and do not ask to read arbitrary system files. However, they instruct the agent to invoke an external CLI that will access stored financial data; there is no guidance on authentication, DB host, or what data the CLI will access. That leaves the agent discretion to use whatever local 'assistant' binary and credentials are available.
Install Mechanism
No install spec and no code files — instruction-only — so the skill itself will not write or fetch code. This lowers installation risk. The main risk stems from calling an external binary (the 'assistant' CLI) which is not declared.
Credentials (!)
The skill declares no required environment variables or credentials, yet the SKILL.md implies access to a PostgreSQL-backed dataset via a CLI. That typically requires DB connection info or local credentials; asking for none is disproportionate. Also allowed-tools includes 'Read', which enables file reads; the agent could discover credentials from local files unless explicitly constrained.
Persistence & Privilege
The skill is user-invocable and not forced-always. It does not request persistent system privileges or declare modifications to other skills or system-wide settings. Autonomous invocation is enabled (default) but not combined with other high-risk flags.
What to consider before installing
This skill appears to expect an external 'assistant' CLI that interacts with a PostgreSQL database, but the package metadata does not declare that dependency or any authentication details. Before installing or enabling it, verify: (1) what the 'assistant' CLI is, where it comes from, and that you trust it; (2) where the finance data will be stored (local DB, remote host) and whether DB credentials are required; (3) whether any local files (credentials, .env, keyrings) could be read by the agent via the allowed 'Read' tool. If you cannot confirm the CLI provenance and storage location, run this skill in a sandboxed environment or decline to install. If you proceed, restrict the agent's file access and avoid exposing DB credentials as environment variables to the agent until you verify the implementation.
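As an added illustration of the inconsistency the scan describes (not part of this page or of ClawHub's tooling): a small Python audit that lists the binaries a SKILL.md tells the agent to run and compares them with what the registry metadata declares. The SKILL.md excerpt is constructed from the text further down this page, and the metadata dictionary shape is an assumption.

```python
import re

# Constructed excerpt of the SKILL.md text reproduced further down this page.
SKILL_MD = """Record and query personal financial data stored in PostgreSQL via the assistant CLI.
All commands: assistant <command> [json-args]
Use assistant create-expense '{"amount":"100","walletId":"...","currencyCode":"ARS"}'
Run assistant get-wallets to find the correct wallet ID
"""

# Assumed registry metadata (hypothetical shape; ClawHub's real schema is not shown on the page).
METADATA = {"requires": {"bins": [], "env": []}, "allowed-tools": ["Read"]}

# A lowercase program name followed by a kebab-case subcommand or the literal <command>.
BIN_RE = re.compile(r"\b([a-z][\w.-]*)\s+(?:<command>|[a-z]+(?:-[a-z]+)+\b)")
# Wording that implies the skill reaches a datastore or needs secrets.
DATA_RE = re.compile(r"\b(postgres(?:ql)?|database|db|credentials?|token|api key)\b", re.I)

def invoked_binaries(skill_md: str) -> set[str]:
    """Program names the instructions tell the agent to execute."""
    return set(BIN_RE.findall(skill_md))

def audit(skill_md: str, metadata: dict) -> list[str]:
    """Mismatches between what the instructions do and what the metadata admits to."""
    requires = metadata.get("requires", {})
    findings = [f"undeclared binary: {b}"
                for b in sorted(invoked_binaries(skill_md) - set(requires.get("bins", [])))]
    if DATA_RE.search(skill_md) and not requires.get("env"):
        findings.append("datastore access implied but no env vars or credentials declared")
    if findings and "Read" in metadata.get("allowed-tools", []):
        findings.append("'Read' tool allowed: local credential files are discoverable; "
                        "constrain file access before enabling")
    return findings

if __name__ == "__main__":
    for line in audit(SKILL_MD, METADATA):
        print("-", line)
```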


latest: vk97bwx4kaxdv6fzzygyr2tr3th84fptw
74 downloads
0 stars
1 version
Updated 2w ago
v0.5.0
MIT-0

Finance Skill

Record and query personal financial data stored in PostgreSQL via the assistant CLI.

Commands Reference

All commands: assistant <command> [json-args]
Output: JSON to stdout on success, error to stderr with exit code 1.

Command | Arguments (? = optional) | Description
create-expense | amount, walletId, currencyCode, categoryId, description? | Record an expense
create-income | amount, walletId, currencyCode, description? | Record income
create-transfer | amount, walletId, currencyCode, toWalletId, toCurrencyCode, toAmount, description? | Transfer between wallets
list-transactions | walletId?, categoryId?, type?, limit?, offset?, dateFrom?, dateTo? | List transactions
delete-transaction | id | Delete a transaction
get-wallets | (none) | Get all wallets with balances
get-wallet-balance | walletId | Get wallet balance
create-wallet | name | Create a wallet
get-categories | (none) | Get all categories
create-category | name | Create a category
delete-category | id | Delete a category
spending-report | groupBy, walletId?, dateFrom?, dateTo? | Spending report

Transaction Types

1. Expense (Russian: Трата)

  • Use assistant create-expense '{"amount":"100","walletId":"...","currencyCode":"ARS","categoryId":"..."}'
  • Amount is always positive — the system negates it automatically
  • Requires: amount, walletId, currencyCode, categoryId
  • Optional: description

2. Income (Russian: Пополнение)

  • Use assistant create-income '{"amount":"5000","walletId":"...","currencyCode":"ARS"}'
  • Amount is positive
  • Requires: amount, walletId, currencyCode
  • Optional: description

3. Transfer (Russian: Перевод)

  • Use assistant create-transfer '{"amount":"100","walletId":"...","currencyCode":"USD","toWalletId":"...","toCurrencyCode":"USD","toAmount":"100"}'
  • The system creates two linked transactions automatically
  • Requires: amount, walletId, currencyCode, toWalletId, toCurrencyCode, toAmount
  • Optional: description
  • For same-currency transfers, toAmount equals amount
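An added example (not the skill's own code) of how an agent harness could check a proposed call against the argument rules above before invoking the CLI, and pass the JSON as a single argv element rather than through a shell. The schema dictionary is transcribed from the Commands Reference and Transaction Types sections; the assistant binary is the one the skill names.

```python
import json
from decimal import Decimal, InvalidOperation

# Required and optional arguments per command, transcribed from the Commands Reference above.
SCHEMA = {
    "create-expense": ("amount walletId currencyCode categoryId", "description"),
    "create-income": ("amount walletId currencyCode", "description"),
    "create-transfer": ("amount walletId currencyCode toWalletId toCurrencyCode toAmount", "description"),
    "list-transactions": ("", "walletId categoryId type limit offset dateFrom dateTo"),
    "delete-transaction": ("id", ""),
    "get-wallets": ("", ""),
    "get-wallet-balance": ("walletId", ""),
    "create-wallet": ("name", ""),
    "get-categories": ("", ""),
    "create-category": ("name", ""),
    "delete-category": ("id", ""),
    "spending-report": ("groupBy", "walletId dateFrom dateTo"),
}

def validate(command: str, args: dict) -> list[str]:
    """Problems with a proposed call; an empty list means it is safe to issue."""
    if command not in SCHEMA:
        return [f"unknown command {command!r}"]
    required, optional = (set(s.split()) for s in SCHEMA[command])
    given = set(args)
    problems = [f"missing {k}" for k in sorted(required - given)]
    problems += [f"unexpected {k}" for k in sorted(given - required - optional)]
    for k in ("amount", "toAmount"):           # amounts are positive strings in this skill
        if k in args:
            try:
                if Decimal(str(args[k])) <= 0:
                    problems.append(f"{k} must be positive")
            except InvalidOperation:
                problems.append(f"{k} is not numeric")
    if (command == "create-transfer" and args.get("currencyCode") == args.get("toCurrencyCode")
            and args.get("amount") != args.get("toAmount")):
        problems.append("same-currency transfer: toAmount must equal amount")
    return problems

def build_argv(command: str, args: dict) -> list[str]:
    """argv for subprocess.run(argv) with shell=False. The JSON is ONE argument, so a
    description such as 'pay $(id)' or one containing quotes reaches the CLI verbatim
    instead of being parsed by a shell."""
    problems = validate(command, args)
    if problems:
        raise ValueError("; ".join(problems))
    return ["assistant", command, json.dumps(args, ensure_ascii=False)]
```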

Workflow

Step 1: Parse the Request

Extract from the user's message:

  • Amount — number (always positive)
  • Currency — currency code (e.g. ARS, RUB, USDT)
  • Description — what was bought / reason for transaction (optional)
  • Wallet — which wallet to use
  • Category — spending category (required for expenses only)
  • Type — expense, income, or transfer (infer from context)

Step 2: Resolve References

Before creating a transaction:

  1. Run assistant get-wallets to find the correct wallet ID
  2. Run assistant get-categories to find the correct category ID
  3. If category doesn't exist, ask the user or create it with assistant create-category '{"name":"..."}'

Step 3: Handle Ambiguity

If any required field is unclear or missing, ask the user one concise clarifying question. Common cases:

  • Wallet not specified and user has multiple wallets
  • Category is ambiguous
  • Amount is missing
  • Transfer destination unclear

Do NOT guess — ask. But do NOT over-ask if the context is obvious.

Step 4: Create the Transaction

Run the appropriate command (assistant create-expense, assistant create-income, or assistant create-transfer) with the resolved data as a JSON argument.

Step 5: Report Back

After creating the transaction, run assistant get-wallet-balance '{"walletId":"..."}' and reply with a concise confirmation including:

  • What was created (description, amount, wallet, category)
  • Updated wallet balance

Example reply format for an expense (shown here in English; the skill's default reply language is Russian):

Recorded: Bun -200 ARS (Cash ARS, Groceries)
Balance Cash ARS: 15 300 $

Example reply format for a transfer:

Transfer: 100 USD Tinkoff → Cash
Balance Tinkoff: 500 $
Balance Cash: 300 $
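An added example (not the skill's code) of Steps 2 and 3 of the workflow: resolving user-supplied wallet and category names against the lists the CLI returns, and producing one clarifying question instead of guessing when a name is missing or matches several records. The JSON shape of get-wallets and get-categories output is an assumption, and the sample data is constructed to match the reply examples above.

```python
import json

# Constructed sample output of `assistant get-wallets` and `assistant get-categories`.
# The CLI's real JSON shape is not documented on this page; these field names are assumed.
WALLETS_JSON = ('[{"id":"w1","name":"Cash ARS","currencyCode":"ARS","balance":"15300"},'
                '{"id":"w2","name":"Cash USD","currencyCode":"USD","balance":"300"},'
                '{"id":"w3","name":"Tinkoff","currencyCode":"USD","balance":"500"}]')
CATEGORIES_JSON = '[{"id":"c1","name":"Groceries"},{"id":"c2","name":"Transport"}]'

def resolve(items: list, query, kind: str) -> tuple:
    """Map a user-supplied name to one record.
    Returns ('ok', id) for exactly one match, or ('ask', question) when the agent
    must clarify rather than guess (Step 3). Matching is case-insensitive."""
    names = [it["name"] for it in items]
    if not query:
        if len(items) == 1:
            return "ok", items[0]["id"]
        return "ask", f"Which {kind}? Options: {', '.join(names)}"
    q = query.casefold()
    exact = [it for it in items if it["name"].casefold() == q]
    if len(exact) == 1:
        return "ok", exact[0]["id"]
    partial = [it for it in items if q in it["name"].casefold()]
    if len(partial) == 1:
        return "ok", partial[0]["id"]
    if partial:
        return "ask", f"Which {kind}: " + " or ".join(it["name"] for it in partial) + "?"
    return "ask", f"No {kind} named {query!r}. Options: {', '.join(names)}"

def plan_expense(amount, currency, wallet_query, category_query, description=None) -> tuple:
    """Build the create-expense JSON argument, or the single clarifying question to ask."""
    wallets = json.loads(WALLETS_JSON)         # in practice: output of `assistant get-wallets`
    categories = json.loads(CATEGORIES_JSON)   # in practice: output of `assistant get-categories`
    status, wallet_id = resolve(wallets, wallet_query, "wallet")
    if status == "ask":
        return status, wallet_id
    status, category_id = resolve(categories, category_query, "category")
    if status == "ask":
        return status, category_id
    args = {"amount": str(amount), "walletId": wallet_id,
            "currencyCode": currency, "categoryId": category_id}
    if description:
        args["description"] = description
    return "ok", args
```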

Constraints

  • NEVER create transactions without confirming ambiguous details first
  • Always respond in the same language as the user's message (default: Russian)
  • Keep responses short and action-oriented — no unnecessary explanations
