← Back to Skills Marketplace

Revolut

Name: Revolut
Author: odrobnik

by Oliver Drobnik · GitHub ↗ · v1.3.2

cross-platform ✓ Security Clean

1119

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install revolut

Description

Revolut web automation via Playwright: login/logout, list accounts, and fetch transactions.

Usage Guidance

This skill appears to do what it says, but it handles sensitive authentication artifacts—before installing or running: 1) Review the full scripts/revolut.py source (especially any network calls) to confirm no unexpected remote endpoints. 2) Run the skill in an isolated VM/container or ephemeral workspace so stored session files and the QR image do not leak. 3) Be careful with the workspace you point it at — {workspace}/revolut/ will contain storage_state (cookies/localStorage) that act like credentials; call the provided logout command to delete them when finished. 4) Verify the upstream repository (https://github.com/odrobnik/revolut-skill) and trustworthiness of the publisher before providing access on a machine with other accounts or sensitive data. 5) If you do not want the agent to automatically include QR images or data in messages, do not enable autonomous runs or restrict agent output handling.

Capability Analysis

Type: OpenClaw Skill Name: revolut Version: 1.3.2 The skill is designed for Revolut web automation to fetch banking data. It uses Playwright to interact with the Revolut website and its internal APIs. Key security features include explicit output path sanitization (`_safe_output_path` in `scripts/revolut.py`) to prevent arbitrary file writes, and clear documentation in `SKILL.md` and `SETUP.md` about local state storage and the handling of PINs from `config.json`. While storing PINs in `config.json` is a security consideration for the user, the script itself does not exfiltrate this data or perform any other unauthorized actions. All network calls are directed to Revolut's own domains, and there is no evidence of malicious execution, persistence, or prompt injection attempts against the agent.

Capability Assessment

✓ Purpose & Capability

Name/description (Revolut web automation) align with requirements: python3 and Playwright are expected for browser automation. The included script implements login, account listing and transaction fetching via the Revolut web UI/API, which matches the stated purpose.

ℹ Instruction Scope

SKILL.md and SETUP.md restrict outputs to the workspace or /tmp and describe login via QR (2FA) and storing per-user state under {workspace}/revolut/. These instructions are within scope, but the script will persist Playwright storage_state (cookies/localStorage) which contains authentication tokens; it also writes a QR image to /tmp/openclaw/revolut/revolut_qr.png and prints a QR_IMAGE:<path> token for the agent to send. Ensure you understand and control where that image and the state files go.

✓ Install Mechanism

No install spec is provided (instruction-only with an included script). Requiring Playwright and Chromium is appropriate for the stated functionality. The skill does not download arbitrary third-party binaries in the metadata.

ℹ Credentials

The skill requests no external API keys or unrelated environment variables. It does read OPENCLAW_WORKSPACE / OPENCLAW_TMP / PWD if present to locate workspace and tmp dirs. However, the stored Playwright storage_state and profile directories will contain session cookies/authorization that are sensitive and should be treated as credentials.

✓ Persistence & Privilege

always:false and default invocation settings are used. The skill persists per-user browser/session state under the workspace (and ephemeral outputs under /tmp). It does not declare any capability to modify other skills or system-wide agent settings. The logout command deletes stored state per the documentation (user must call it).

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install revolut
After installation, invoke the skill by name or use /revolut
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.3.2

fix: use /Users/oliver/clawd for workspace root to preserve symlink paths

v1.3.1

Rename .clawdhubignore to .clawhubignore

v1.3.0

Refactor: move setup/prerequisites to SETUP.md, keep SKILL.md lean

v1.2.2

- Version bumped to 1.2.2. - SKILL.md updated, but there are no content or feature changes—only the version number increased.

v1.2.1

- Changed session management: browser sessions are now kept between commands by default and deleted only on explicit logout. - Updated documentation to reflect the new recommended flow and clarify that persistent session data is cleaned up on logout. - Removed mention of automatic session deletion after each command; session state is now retained unless 'logout' is run.

v1.2.0

Version 1.2.0 - Security update: All data commands now auto-logout and remove browser/session data after completion to protect against workspace compromise. - Added option `--keep-session` to preserve the session for consecutive commands. - Configuration change: renamed `passcode` field to `pin` in config.json; clarified that `pin` is not a credential, but a personal identification number for initiating the auth flow. - Updated documentation reflecting these changes and improved explanation of session handling and security.

v1.1.1

- Updated documentation with a new overview, clarifying features and authentication requirements. - Added instructions for fetching invest-transactions and mentioned JSON output format. - Reorganized and expanded usage examples and configuration guidelines. - Noted that credentials must be supplied in config.json; `.env` file is not supported.

v1.1.0

Multi-user support and configuration added. - Introduced `--user` argument for handling multiple Revolut accounts. - Accounts and session states are now managed per user. - Added configuration via `{workspace}/revolut/config.json` for user and passcode setup. - QR code login saves the QR image path to `/tmp/openclaw/revolut/revolut_qr.png` and outputs it for agent use. - Environment variable `REVOLUT_PASSCODE` and workspace override have been removed from required setup.

v1.0.0

Initial release: Automates Revolut web banking tasks. - Supports login, logout, listing accounts, and fetching transactions via Playwright automation. - Provides commands to access accounts, transactions (with date range), portfolio, and investment transactions. - Stores session state for persistent logins. - Enables passcode auto-entry through an environment variable. - Outputs and paths are sandboxed for security.

Metadata

Slug revolut

Version 1.3.2

License —

All-time Installs 4

Active Installs 3

Total Versions 9

Frequently Asked Questions

What is Revolut?

Revolut web automation via Playwright: login/logout, list accounts, and fetch transactions. It is an AI Agent Skill for Claude Code / OpenClaw, with 1119 downloads so far.

How do I install Revolut?

Run "/install revolut" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Revolut free?

Yes, Revolut is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Revolut support?

Revolut is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Revolut?

It is built and maintained by Oliver Drobnik (@odrobnik); the current version is v1.3.2.

More Skills