← 返回 Skills 市场

George Banking Automation

Name: George Banking Automation
Author: odrobnik

作者 Oliver Drobnik · GitHub ↗ · v1.5.4 · MIT-0

cross-platform ⚠ suspicious

2778

总下载

当前安装

版本数

在 OpenClaw 中安装

/install george

功能描述

Automate George online banking (Erste Bank / Sparkasse Austria): login/logout, list accounts, and fetch transactions via Playwright.

使用说明 (SKILL.md)

George Banking Automation

Fetch current account balances, stock portfolio, and transactions for all account types (checking, savings, depots) in JSON format for automatic processing. Uses Playwright to automate George (Erste Bank / Sparkasse Austria).

Entry point: {baseDir}/scripts/george.py

Setup

See SETUP.md for prerequisites and setup instructions.

Commands

python3 {baseDir}/scripts/george.py login
python3 {baseDir}/scripts/george.py logout
python3 {baseDir}/scripts/george.py accounts
python3 {baseDir}/scripts/george.py transactions --account \x3Cid|iban> --from YYYY-MM-DD --until YYYY-MM-DD
python3 {baseDir}/scripts/george.py datacarrier-list [--json] [--state OPEN|CLOSED]
python3 {baseDir}/scripts/george.py datacarrier-upload \x3Cfile> [--type pain.001] [--out \x3Cdir>] [--wait-done] [--wait-done-timeout 120]
python3 {baseDir}/scripts/george.py datacarrier-sign \x3Cdatacarrier_id> [--sign-id \x3Cid>] [--out \x3Cdir>]

Recommended Flow

login → accounts → transactions → portfolio → logout
login → datacarrier-upload → datacarrier-sign → logout

Always call logout after completing all operations to clear the stored browser session (cookies, local storage, Playwright profile). This minimizes persistent auth state on disk.

Notes

Session state stored in {workspace}/george/ with restrictive permissions (dirs 700, files 600).
Ephemeral exports default to /tmp/openclaw/george (override with OPENCLAW_TMP).

安全使用建议

This skill appears to be what it claims: a Playwright-based George (Erste/Sparkasse) automation tool. Before installing, consider: (1) it will persist browser session state and a bearer token in workspace/george/token.json — ensure that workspace location is trusted and has appropriate filesystem permissions; (2) Playwright requires installing a browser (chromium) via pip/playwright install — prefer running in an isolated environment or container; (3) the datacarrier upload feature accepts local XML files and performs validation, but you should still avoid pointing it at sensitive files outside intended directories; (4) review the included scripts yourself (or run in a sandbox) if you don't fully trust the source repository. Overall the requested capabilities and behavior are proportionate to the declared banking automation purpose.

功能分析

Type: OpenClaw Skill Name: george Version: 1.5.4 The 'george' skill bundle automates George online banking using Playwright to fetch transactions and sign payment orders. While 'scripts/george.py' includes security hardening like strict file permissions (umask 077), input sanitization, and path traversal checks, the skill possesses inherently high-risk capabilities. These include capturing and caching bearer authentication tokens and programmatically interacting with financial APIs (api.sparkasse.at). These features are aligned with the stated purpose but qualify as suspicious due to the sensitive nature of automated banking and session management.

能力标签

requires-oauth-tokenrequires-sensitive-credentials

能力评估

✓ Purpose & Capability

Name/description (George banking automation) match the delivered artifacts: an instruction-only skill plus a Python Playwright script. Required binaries (python3, playwright) are appropriate and expected for a browser automation task. No unrelated credentials, binaries, or config paths are requested.

✓ Instruction Scope

SKILL.md only instructs running the included script commands (login/logout/accounts/transactions/datacarrier-*) and documents where session state and ephemeral outputs live. The instructions do not request reading unrelated system files or sending data to unexpected external endpoints. The skill requires interactive 2FA and documents token/session caching — which is necessary for its purpose.

✓ Install Mechanism

No install spec is present (instruction-only), which minimizes automatic disk changes. Playwright must be installed by the user (pip + playwright install chromium) per SETUP.md, which is a normal, traceable install path. Nothing is downloaded from untrusted or obscure URLs by the skill itself.

✓ Credentials

The skill does not declare or require unrelated environment secrets. It optionally reads GEORGE_USER_ID / OPENCLAW_TMP / OPENCLAW_WORKSPACE / PWD which are reasonable for configuring user id, temporary output directory, and workspace location. It persists a bearer token to token.json — sensitive but proportional to avoiding repeated interactive 2FA.

✓ Persistence & Privilege

always:false and no elevated platform privileges. The script persists session state under a workspace directory (workspace/george) and documents restrictive file permissions and logout to clear sessions. It does not modify other skills' configs or request system-wide changes.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install george
安装完成后，直接呼叫该 Skill 的名称或使用 /george 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.5.4

Auto-resolve George user id from config/recent profile; improve data-carrier upload handling for hidden file inputs.

v1.5.3

fix: use /Users/oliver/clawd for workspace root to preserve symlink paths

v1.5.2

Security: sanitize and URL-encode --account when building securities portfolio API paths (prevents path traversal / query injection attempts).

v1.5.1

Security: path traversal protection, XML content validation, ID sanitization

v1.5.0

Add datacarrier-list, datacarrier-upload, datacarrier-sign commands. Sign via JSON API with Bearer token capture and polling.

v1.4.1

Rename .clawdhubignore to .clawhubignore

v1.4.0

Refactor: move setup/prerequisites to SETUP.md, keep SKILL.md lean

v1.3.1

- Bumped version to 1.3.1. - Minor documentation update in SKILL.md. - No functional or command changes.

v1.3.0

- Adds a "Recommended Flow" section to SKILL.md, guiding users through the sequence: login → accounts → transactions → portfolio → logout. - Advises always calling `logout` to clear browser session and minimize persistent auth state. - Clarifies credentials are provided via the `GEORGE_USER_ID` environment variable or `--user-id` flag; no `.env` file loading. - Updates notes on session state storage for improved clarity.

v1.2.1

- Expanded description to highlight fetching of account balances, stock portfolios, and transactions for all account types in JSON format. - Added detailed authentication instructions for 2FA approval via the George app. - Improved and clarified usage notes and examples.

v1.2.0

Security hardening: removed .env file loading (env injection vector), sanitised download filenames against path traversal.

v1.1.3

Remove legacy MOLTBOT_TMP; use OPENCLAW_TMP only

v1.1.2

Security: sanitize --account used in output filenames to prevent path traversal

v1.1.1

Security hardening: strict umask + private perms for persisted Playwright state; tmp dir now /tmp/openclaw

v1.1.0

Docs: clarify state dir is <workspace>/george by default (override with --dir/GEORGE_DIR); remove legacy ~/.moltbot mention.

v1.0.7

Fix YAML frontmatter (quoted description/summary) so ClawdHub shows summary

v1.0.6

Add ClawdHub summary + set homepage to GitHub

v1.0.5

Initial public release: reliable login flow, safe token logging, account auto-sync (IBAN extraction)

元数据

Slug george

版本 1.5.4

许可证 MIT-0

累计安装 2

当前安装数 2

历史版本数 18

常见问题