ClawAudit verdict
monarch-money
Personal finance CLI that authenticates to Monarch Money using email, password, and MFA secret stored in environment variables; all operations are standard budget management tasks (list transactions, categorize spending) against the user's own account.
⚠ Flagged for review — coarse, uncorroborated signal, not a confirmed exploit. Review the config yourself before installing.
Automated static analysis — not a human review. ClawAudit flags capabilities, not confirmed intent, and can produce false positives.
Findings (7)
Possible hardcoded credential
references/TROUBLESHOOTING.md · code · PASSWORD='pa$$word!with@special#chars
Accesses sensitive environment variables
references/API.md · code · process.env.MONARCH_PASSWORD
References child_process — can spawn system processes
cli/commands/test.ts · prose · downgraded · child_process
Uses spawn() — can execute external programs
cli/commands/test.ts · prose · downgraded · spawn(
References sudo — requests elevated privileges
references/TROUBLESHOOTING.md · prose · downgraded · sudo
Sets world-executable permissions
references/TROUBLESHOOTING.md · code · chmod 700
Popular HTTP library — network access
lib/client/auth/AuthenticationService.ts · prose · downgraded · node-fetch
Why the tier is capped
Execution sink present in raw bytes (Hard Floor: class B/D). Final tier capped at Caution — cannot be lifted by any downgrade, example-payload opt-in, or allowlist.
Permissions & capabilities
Requires 3 environment variables. (2 sensitive: MONARCH_PASSWORD, MONARCH_MFA_SECRET).