Revolut web automation via Playwright: login/logout, list accounts, and fetch transactions.
Security Analysis
Medium confidence. The skill's code, dependencies, and runtime instructions are coherent with a Playwright-based Revolut web automation tool, but it stores sensitive session state and generates QR images, so run it in an isolated workspace and review the code before use.
Name/description (Revolut web automation) align with requirements: python3 and Playwright are expected for browser automation. The included script implements login, account listing and transaction fetching via the Revolut web UI/API, which matches the stated purpose.
SKILL.md and SETUP.md restrict outputs to the workspace or /tmp and describe login via QR (2FA) and storing per-user state under {workspace}/revolut/. These instructions are within scope, but the script will persist Playwright storage_state (cookies/localStorage) which contains authentication tokens; it also writes a QR image to /tmp/openclaw/revolut/revolut_qr.png and prints a QR_IMAGE:<path> token for the agent to send. Ensure you understand and control where that image and the state files go.
No install spec is provided (instruction-only with an included script). Requiring Playwright and Chromium is appropriate for the stated functionality. The skill does not download arbitrary third-party binaries in the metadata.
The skill requests no external API keys or unrelated environment variables. It does read OPENCLAW_WORKSPACE / OPENCLAW_TMP / PWD if present to locate workspace and tmp dirs. However, the stored Playwright storage_state and profile directories will contain session cookies/authorization that are sensitive and should be treated as credentials.
always:false and default invocation settings are used. The skill persists per-user browser/session state under the workspace (and ephemeral outputs under /tmp). It does not declare any capability to modify other skills or system-wide agent settings. The logout command deletes stored state per the documentation (user must call it).
Guidance
This skill appears to do what it says, but it handles sensitive authentication artifacts. Before installing or running:
1) Review the full scripts/revolut.py source (especially any network calls) to confirm no unexpected remote endpoints.
2) Run the skill in an isolated VM/container or ephemeral workspace so stored session files and the QR image do not leak.
3) Be careful with the workspace you point it at: {workspace}/revolut/ will contain storage_state (cookies/localStorage) that acts like credentials. Call the provided logout command to delete it when finished.
4) Verify the upstream repository (https://github.com/odrobnik/revolut-skill) and the trustworthiness of the publisher before providing access on a machine with other accounts or sensitive data.
5) If you do not want the agent to automatically include QR images or data in messages, do not enable autonomous runs, or restrict agent output handling.
Latest Release
v1.3.2
fix: use /Users/oliver/clawd for workspace root to preserve symlink paths
Published by @odrobnik on ClawHub