← Back to Skills Marketplace
2552
Downloads
4
Stars
8
Active Installs
2
Versions
Install in OpenClaw
/install plaid
Description
plaid-cli a cli for interacting with the plaid finance platform. link accounts from various institutions, query balances, and transactions by date range listing accounts/balances.
Usage Guidance
This skill appears to wrap a Plaid CLI and is plausible for its stated purpose, but the metadata is incomplete: it does not declare the PLAID_* environment variables or the ~/.plaid-cli config/data path that the instructions require. Before installing, verify the upstream source (github.com/jverdi/plaid-cli), review the CLI's code/release to ensure it behaves as expected, and prefer installing the plaid-cli binary yourself rather than allowing an automated install. Store PLAID_CLIENT_ID and PLAID_SECRET securely (not in plain shell history), and avoid running commands that print access tokens (the SKILL.md warns about `plaid-cli tokens`). If the publisher updates the skill to explicitly declare required env vars and config paths and provides a verifiable homepage/repo, the coherence concerns would be resolved.
Capability Analysis
Type: OpenClaw Skill
Name: plaid
Version: 0.0.3
The skill bundle is benign. It provides instructions for installing and using `plaid-cli` to interact with the Plaid finance platform. The `SKILL.md` explicitly instructs the agent not to print or log secrets, which is a positive security indicator. All commands are standard for a CLI tool, involving local file operations (`/tmp` for state management) and `jq` for local data processing. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, prompt injection attempts against the agent, or obfuscation.
Capability Assessment
Purpose & Capability
Name/description align with a Plaid CLI (link accounts, query balances/transactions) and the skill requires the plaid-cli binary (install provided). However, the SKILL.md clearly instructs the user to export PLAID_CLIENT_ID, PLAID_SECRET, and PLAID_ENVIRONMENT and references ~/.plaid-cli config/data storage, yet the registry metadata lists no required environment variables and no required config paths — this mismatch is unexpected and unexplained.
Instruction Scope
Runtime instructions stay within Plaid-related actions (linking, listing accounts, fetching transactions) and explicitly warn about not printing secrets. They also instruct storing tokens/local state under ~/.plaid-cli and show examples that could reveal tokens if the agent runs the discouraged `plaid-cli tokens` command. The instructions do not ask the agent to read unrelated system files, but they do rely on env vars and a config file that the skill metadata does not declare.
Install Mechanism
Install is a go module install (github.com/jverdi/[email protected]) that builds the plaid-cli binary. Pulling a public Go module is a common mechanism; this is moderate risk (unreviewed code) but not inherently suspicious compared with arbitrary URL downloads or extracts.
Credentials
The SKILL.md requires PLAID_CLIENT_ID, PLAID_SECRET, and PLAID_ENVIRONMENT (and optionally other PLAID_* vars) but the skill metadata declares no required environment variables and no primary credential. This omission is disproportionate: a Plaid integration legitimately needs credentials, and they should be declared so users and the platform can reason about secret usage.
Persistence & Privilege
The skill does not request always:true and does not request unusual privileges. It does read/write to ~/.plaid-cli (per instructions) and suggests storing tokens there; however those paths are not declared in the skill metadata. Autonomous invocation is allowed (platform default) — combined with the missing credential declarations this increases the importance of reviewing what the agent will do with credentials.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install plaid - After installation, invoke the skill by name or use
/plaid - Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.0.3
Initial release
v0.0.2
Initial Release (beta)
Metadata
Frequently Asked Questions
What is plaid?
plaid-cli a cli for interacting with the plaid finance platform. link accounts from various institutions, query balances, and transactions by date range listing accounts/balances. It is an AI Agent Skill for Claude Code / OpenClaw, with 2552 downloads so far.
How do I install plaid?
Run "/install plaid" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is plaid free?
Yes, plaid is completely free (open-source). You can download, install and use it at no cost.
Which platforms does plaid support?
plaid is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created plaid?
It is built and maintained by jverdi (@jverdi); the current version is v0.0.3.
More Skills