SimpleFIN Bank Connection

Connects to bank accounts and fetches financial transactions via the SimpleFIN API. Use when the user wants to check bank balances, review recent transaction...

This skill appears to do what it claims, but take these precautions before installing: (1) Only use it if you trust bridge.simplefin.org and the Setup Token source. (2) Inspect and/or run the included script in a sandbox: it uses execSync to call curl with unescaped input (possible command injection) — prefer replacing shell calls with Node's https/http or a vetted HTTP library. (3) Don’t store the returned Access URL in an insecure plaintext file on shared systems; treat it as a secret (use secure storage or secrets manager). (4) Note SKILL.md mentions an env variable (SIMPLEFIN_ACCESS_URL) that isn't declared — if you rely on that, ensure it's set securely. (5) If you lack confidence in the script, ask the developer for a version that avoids shell execution and documents secure storage/rotation of the Access URL. If you decide to proceed, limit the skill's use to explicit, user-invoked actions and avoid granting it any broader unattended access to sensitive data.

Type: OpenClaw Skill Name: simplefin Version: 1.0.2 The skill contains a critical shell injection vulnerability in `scripts/simplefin_api.js` where user-provided input (the Setup Token) is base64-decoded and passed directly into a shell command via `execSync` without sanitization. Additionally, the skill instructions in `SKILL.md` direct the agent to store sensitive financial API credentials, including a plaintext username and password, in a local file (`memory/simplefin_url.txt`). While these actions support the stated purpose of connecting to the SimpleFIN API, the lack of input validation and insecure credential storage represent significant security risks.