← Back to Skills Marketplace
xbinkai

Billclaw

by firela · GitHub ↗ · v0.5.5
cross-platform ✓ Security Clean
2501
Downloads
1
Stars
3
Active Installs
16
Versions
Install in OpenClaw
/install billclaw
Description
This skill should be used when managing financial data, syncing bank transactions via Plaid/GoCardless, fetching bills from Gmail, or exporting to Beancount/Ledger formats. Provides local-first data sovereignty for OpenClaw users.
README (SKILL.md)

BillClaw - Financial Data Management for OpenClaw

Complete financial data management for OpenClaw with local-first architecture. Sync bank transactions, fetch bills from email, and export to accounting formats.

Security & Trust

BillClaw is safe, open-source software designed with security-first principles.

Verification

  • Transparent packages: All npm packages are open-source and published with provenance
  • Auditable code: Full source available at GitHub
  • npm provenance: Cryptographic proof linking packages to source code
  • Local-first: Your financial data never leaves your machine
  • User-controlled credentials: You provide all API credentials through your own accounts
  • System keychain: Tokens encrypted in your platform's secure keychain
  • Explicit invocation: Requires explicit user action (disable-model-invocation: true)

See SECURITY.md for detailed security architecture and verification steps.

Addressing Security Concerns

Concern Explanation
sets-process-name Comes from transitive npm dependencies, not BillClaw code
detect-debug-environment Common Node.js ecosystem pattern, not malicious
API credentials Required for functionality; you control them from your accounts
External packages All packages are open-source with npm provenance

Required Credentials

Important: Credentials are NOT required at install time. Configure them when you're ready to use specific features:

Environment Variable Purpose Required For
PLAID_CLIENT_ID Plaid API client ID Plaid bank sync
PLAID_SECRET Plaid API secret Plaid bank sync
GMAIL_CLIENT_ID Gmail OAuth client ID Gmail bill fetching
GMAIL_CLIENT_SECRET Gmail OAuth client secret Gmail bill fetching

Obtain credentials from:

Configure via:

  1. Environment variables (recommended)
  2. Configuration file (~/.firela/billclaw/config.json)
  3. OpenClaw config under skills.entries.billclaw.env

Quick Start (OpenClaw)

1. Install the Plugin

npm install @firela/billclaw-openclaw

The plugin registers these tools and commands with OpenClaw:

  • Tools: plaid_sync, gmail_fetch, conversational_sync, conversational_status
  • Commands: /billclaw-setup, /billclaw-sync, /billclaw-status, /billclaw-config

2. Configure Credentials

When you're ready to use a feature, configure the required credentials:

# For Plaid bank sync
export PLAID_CLIENT_ID="your_client_id"
export PLAID_SECRET="your_secret"

# For Gmail bill fetching
export GMAIL_CLIENT_ID="your_client_id"
export GMAIL_CLIENT_SECRET="your_secret"

3. Setup Your Accounts

/billclaw-setup

The interactive wizard will guide you through:

  • Connecting bank accounts (Plaid/GoCardless)
  • Configuring Gmail for bill fetching
  • Setting local storage location

4. Sync Your Data

You: Sync my bank transactions for last month

OpenClaw: [Uses plaid_sync tool from BillClaw plugin]
Synced 127 transactions from checking account

Or use the command directly:

/billclaw-sync --from 2024-01-01 --to 2024-12-31

5. Export to Accounting Formats

/billclaw-export --format beancount --output 2024.beancount

OpenClaw Integration

This skill provides instructions for using BillClaw with OpenClaw. The actual integration is provided by the @firela/billclaw-openclaw npm package.

Available Tools (via Plugin)

  • plaid_sync - Sync bank transactions from Plaid
  • gmail_fetch - Fetch bills from Gmail
  • conversational_sync - Natural language sync interface
  • conversational_status - Check sync status

Available Commands (via Plugin)

  • /billclaw-setup - Configure accounts
  • /billclaw-sync - Sync transactions
  • /billclaw-status - View status
  • /billclaw-config - Manage configuration

Additional Components (Optional)

Standalone CLI

For users who prefer a command-line interface, the standalone CLI is available as a separate npm package. See https://github.com/fire-la/billclaw for installation instructions.

Connect OAuth Server

For self-hosted OAuth flows, the Connect server is available as a separate npm package. See https://github.com/fire-la/billclaw for configuration details.

Data Sources

Source Description Regions
Plaid Bank transaction sync US, Canada
GoCardless European bank integration Europe
Gmail Bill fetching via email Global

Storage

  • Location: ~/.firela/billclaw/ (your home directory)
  • Format: JSON files with monthly partitioning
  • Security: Local-only storage

Configuration

Configuration is stored in ~/.firela/billclaw/config.json:

{
  "plaid": {
    "clientId": "your_client_id",
    "secret": "your_secret",
    "environment": "sandbox"
  },
  "gmail": {
    "clientId": "your_gmail_client_id",
    "clientSecret": "your_gmail_client_secret"
  }
}

Export Formats

Beancount

2024/01/15 * "Starbucks"
  Expenses:Coffee
  Liabilities:CreditCard:Visa
    $5.50

Ledger

2024/01/15 Starbucks
  Expenses:Coffee  $5.50
  Liabilities:Credit Card:Visa

Getting Help

Usage Guidance
This skill appears coherent for local financial syncing: if you plan to use it, review the npm packages' source (the repo links are provided), verify package provenance if that matters to you, and only supply Plaid/Gmail credentials when you enable those features. Because it installs Node packages, consider installing in a controlled environment (container or dedicated machine) if you have strong supply-chain concerns, and monitor network traffic on first run to confirm calls go only to Plaid/Gmail endpoints. The skill's disable-model-invocation setting reduces autonomous risk. If you rely on the optional Connect component (self-hosted OAuth), review its configuration carefully before exposing it to the network.
Capability Analysis
Type: OpenClaw Skill Name: billclaw Version: 0.5.5 The skill bundle, including SKILL.md, SECURITY.md, and the validation script, presents as a transparent, security-conscious financial management tool. Key indicators for this classification are the explicit `disable-model-invocation: true` in SKILL.md, which prevents autonomous agent execution, and strong claims in both SKILL.md and SECURITY.md regarding 'local-first' data storage, 'no data exfiltration', and user-controlled credentials stored in the system keychain. The documentation directly addresses common security concerns like transitive dependencies and sensitive API requirements, explaining them as non-malicious and necessary for functionality. There is no evidence of prompt injection attempts, obfuscation, or malicious code within the provided files; instead, they promote auditable, open-source practices.
Capability Assessment
Purpose & Capability
The skill's name/description (Plaid/Gmail sync, exports, local storage) matches the declared npm packages and optional Connect/CLI components. Requiring Node and providing npm packages for OpenClaw integration is proportionate to the stated purpose.
Instruction Scope
SKILL.md directs the user to install the listed npm packages, configure Plaid/Gmail credentials only when needed, run an interactive setup, and store data under ~/.firela/billclaw or system keychain. It does not instruct broad system scanning, harvest unrelated environment variables, or phone home to unexpected endpoints in the provided content.
Install Mechanism
Installation uses npm packages (@firela/*). npm is a normal distribution mechanism for Node tools but carries standard supply-chain risk (transitive dependencies). There are no downloads from arbitrary URLs, no extracted archives, and the install spec is consistent with the skill's purpose.
Credentials
No environment variables are required at install time. The SKILL.md lists Plaid and Gmail credentials for the features that need them, which is appropriate. There are no unrelated credentials or excessive env var requirements declared.
Persistence & Privilege
always:false and disable-model-invocation:true limit autonomous or always-on behavior. The skill does not request system-wide config changes or access to other skills' secrets in the provided content.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install billclaw
  3. After installation, invoke the skill by name or use /billclaw
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.5.5
Security improvements: Added SECURITY.md, removed install-time credential requirements, improved security documentation
v0.5.4
Release 0.5.4: https://github.com/fire-la/billclaw/releases/tag/v0.5.4
v0.5.3
Release 0.5.3: https://github.com/fire-la/billclaw/releases/tag/v0.5.3
v0.5.2
Release 0.5.2: https://github.com/fire-la/billclaw/releases/tag/v0.5.2
v0.5.1
Release 0.5.1: https://github.com/fire-la/billclaw/releases/tag/v0.5.1
v0.4.0
Release 0.4.0: https://github.com/fire-la/billclaw/releases/tag/v0.4.0
v0.3.0
Release 0.3.0: https://github.com/fire-la/billclaw/releases/tag/v0.3.0
v0.2.0
Release 0.2.0: https://github.com/fire-la/billclaw/releases/tag/v0.2.0
v0.1.5
Release 0.1.5: https://github.com/fire-la/billclaw/releases/tag/v0.1.5
v0.1.2
Release 0.1.2: https://github.com/fire-zu/billclaw/releases/tag/v0.1.2
v0.1.1
Release 0.1.1: https://github.com/fire-zu/billclaw/releases/tag/v0.1.1
v0.1.0
Release 0.1.0: https://github.com/fire-zu/billclaw/releases/tag/v0.1.0
v0.0.6
Release 0.0.6: https://github.com/fire-zu/billclaw/releases/tag/v0.0.6
v0.0.5
Release 0.0.5: https://github.com/fire-zu/billclaw/releases/tag/v0.0.5
v0.0.4
Release 0.0.4: https://github.com/fire-zu/billclaw/releases/tag/v0.0.4
v0.0.3
Release 0.0.3: https://github.com/fire-zu/billclaw/releases/tag/v0.0.3
Metadata
Slug billclaw
Version 0.5.5
License
All-time Installs 3
Active Installs 3
Total Versions 16
Frequently Asked Questions

What is Billclaw?

This skill should be used when managing financial data, syncing bank transactions via Plaid/GoCardless, fetching bills from Gmail, or exporting to Beancount/Ledger formats. Provides local-first data sovereignty for OpenClaw users. It is an AI Agent Skill for Claude Code / OpenClaw, with 2501 downloads so far.

How do I install Billclaw?

Run "/install billclaw" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Billclaw free?

Yes, Billclaw is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Billclaw support?

Billclaw is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Billclaw?

It is built and maintained by firela (@xbinkai); the current version is v0.5.5.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments