Could a Claude Code routine watch my finances?

I recently did this for myself using https://tiller.com/ to sync checking/credit-card transactions to a Google Sheets spreadsheet. Then a GitHub action mirrors the spreadsheet to a free Supabase database.

From there, Supabase MCP or psql gives Claude/Codex access to the transactions/balances for english queries. Really impressed with their ability to find subscription patterns, abnormal patterns, etc. Also to predict cashflow which no online tool so far is good at i.e. "tell me how much cash I can move to savings based on my monthly spend patterns and available cash".

For autocategorization, I learned Claude is really good at custom DSLs. Had it create a markdown table based ruleset to normalize payee/categories. I also run the autocat rules as part of the GitHub actions.

Maybe my net worth is too low but I just don't see a value proposition. I don't want daily emails from LLMs and if I need updates on my investments any more often than quarterly (at most), I should probably seek safer investments. I am a bit interested in budgeting tools, but I want them to be completely deterministic. For me at least, financial planning is pretty uneventful and time spent optimizing expenses more than I already have would be better spent seeking a higher paying job.

I’m Canadian and have been using https://lunchmoney.app/ for tracking with Plaid integrations.

They have an api and I got llm to write a CLI for it.

That way agent can pretty much pull the data it needs or wants.

One thing I also had it do is build up a series of rules for tagging which then I run a cron for once a day.

Every once in a while I just ask it to look over the rules and make new ones for uncategorized transactions.

(As a side note I think having LLM “memoize” a task through a rule engine or code is really nice pattern)

But once you have the cli with query you can pretty much ask the agent to do anything.

Have to be careful with routines. There’s a very small disclaimer that’s barely noticeable that in routine mode all MCP tools, even write are always allowed. So agent can technically go rogue and start mutating your resources via MCP.

This seems like a solution looking for a problem. https://tiller.com/ works great and lets you do whatever calculations you want in a spreadsheet - and, bonus, it's never going to hallucinate.

I don't quite understand the desire to have these verbose summaries that you have to read from LLMs. You'll notice anomalies if you just categorize each of your expenses every so often (easy with Tiller).

In case anyone is interested, just wanted to share a few high level details about our infra/security setup.

- Backend & CLI are both strictly linted Rust. The webapp runs on Axum (Rust web framework), and connects to Postgres via sqlx.

- Financial read-only. There's no transfer, pay, or send tool in the product. Nothing in the AI surface can move money.

- We request transactions, investments, and liabilities from Plaid. We don't request auth, transfer, or payment_initiation, so we never receive full account numbers or routing numbers — just the last-4 mask Plaid returns by default.

- Bank usernames and passwords go to Plaid Link, not us. We only hold a per-institution access token.

- Plaid access tokens live in a separate database behind a single custody Cloud Run service, encrypted at rest by Cloud KMS. The broker calls KMS's encrypt/decrypt endpoints — the root key material never leaves Google's HSM boundary and the broker's service account is the only one with encrypt/decrypt permissions. The web app doesn't have permission to read that database.

- Every encryption and decryption call passes the Plaid item ID as AAD (additional authenticated data). A ciphertext from one item cannot be swapped in and decrypted as another item's token.

- Each Cloud Run service (including our web app) runs under its own cloud identity and with its own DB role.

- Internal calls between services are authenticated: the caller presents a short-lived identity token from the cloud provider, and the receiver verifies it.

- The prod databases have no public IP. Secrets live in managed secret storage, not in source or container images.

- The AI connector is OAuth 2.1 + PKCE, scoped per user, revocable from the UI. Every tool call records the tool name, sanitized args, calling client, and the reason the agent supplied, so you can see what your LLM asked on your behalf.

- There are no fetch-URL, shell, or general I/O tools in the AI surface. Tools return structured financial data and nothing else.

- Networking, IAM, and DB grants are all in Terraform. All infra changes go through that path.

- Infra access is gated by 2fa and security keys.

To everyone who doesn’t know how Plaid works: You give your banking username and password directly to Plaid, and it keeps it (so it can continue to login).

I don’t understand how anyone is OK with this. It goes against every security principle and it’s against the terms and conditions of every bank.

I realize that almost no bank provides a secure and proper API to get info and/or to transfer funds, but Plaid’s solution is a disaster waiting to happen.

When I was trying to use Claude to analyze my past transactions, I found out that it was constantly hallucinating charges, sometimes adds new, double counts and etc.

When I'm dealing with my finances the 95% time Claude is correct and doesn't hallucinate is not enough as I have to be vigilant and review its work all the time. So it kinda makes it worthless in this case for me

Super cool writeup from a technology perspective. And a motivator to build more tools, play with MCP and try out Claude routines. The product pitch is also really clear. Good job all around.

Now for the criticism: back in the day mint.com was mind-blowing. It's what you always thought you'd wanted. The graphs were interactive and pretty and you really loved seeing them go up. Not so much down. I was so attached to the gamified aspects, much like step counters. They reinforce habits.

My mint journey ended with roughly 5 years or so of data, once they sold to Intuit, didn't like the ads and willingly syncing all my data to mega-corp. Much like Duolingo, it felt good at the time, but I don't know that it did anything for me at all.

Tracking is a double-edged sword: it really does build better habits. It's better to track weight every day for example so you better understand that fluctuations are mostly noise. The daily tracking stuff is entirely useful to get the need to track daily out of your system.

TLDR: checking my net-worth daily sounds like something I should coach myself out from. Ironically that probably takes tools, but the end goal is to not need them.

What does the Plaid integration look like? What is your approach for accounts or assets that can’t be connected with Plaid?

I don't really get this; could just use Plaid and have your own transaction/net worth site/app in a few hours with Claude Code and it'd be much more consistent.

I'm surprised y'all stopped at the personal finance layer. I've been thinking for awhile that LLMs would be really effective as personal financial advisers, and this kind of hookup (plus I guess another one for investment accounts?) seems like all that's needed to bootstrap reasoning.

Used driggsby the other day. Friend of mine sent it to me. Suprising how easily it found all of my subscriptions. That was the main reason i tried it. I'm sure i'll dive deeper into it this week though.

Any thoughts on how brightplan compares to some of the other apps mentioned here? It's free via work.

Hi all, Matt here - founder. Happy to answer any questions. Thanks for stopping by!

I'm curious how reasonable it would be for a person, rather than a company, to have a plaid sub.

It's amazing to me how little people care about their data. Giving it to an AI company for non-training purposes is OK now? Was it okay before?

My spouse was almost scammed out of 25k the other day, by a person. There is no way in fucking hell I'll let an "agent" touch my finances. That is madness.