This doesn't surprise me at all. You can really constrain this problem, give very narrow context, and get pretty reliable and reproducible results.
I've gotten very good results with some vibe-coded deepseek book keeping. https://github.com/traverseda/beansync
Parses emails or other sources, extracts numbers, correlates different transactions, web search, asks questions, stores notes (regex based, very simple).
The hard part is getting good data, I'm sure that lexus nexus or whoever can get API access to my bank account and all my credit cards, but I can't. Email turned out to be the best way for most of my providers. Managed to avoid 2factor auth so far, but it will suck when I need it.
We've got integrations with major UK banks. Curious if you'd like to use a polished product or be more interested in bank-feed-as-an-API type of use case? What banks do you use?
Credit union atlantic. The possibility of you being able to profitably support small regional credit unions is pretty much 0. Maybe with a general browser use AI and an SMS portal. Also you'd need to bypass anti-bot protections, maybe solve captchas.
In my opinion that is the thing holding back almost all of these accounting products that make consumers lives better. I've solved it because all my cards and bills happen to support email, so I can use that as my source of truth for all my credit cards.
Note to self: traverseda doesn't have 2factor auth on his email and his LLM seems to have full access. Hmmm
The token is stored on a LUKS encrypted drive on kwallet. You'd have just as much luck getting my password from my firefox installs sqlite DB. This is also how email clients in general work.
Also this isn't really an agent. At least not a long lived one. Each email or transaction gets it's own session, the llm can make a few tool calls but must emit json as the final result. Very very short context lengths, very predictable results.
The bot does not have access to my passwords, there are pre-defined scripts that fetch the data that the run an LLM call for each transaction discovered.
Still, it's scary enough of a threat that I've got a separate laptop running ChromeOS with no AI shit on it that I use to access my banking.
[flagged]