Could a Claude Code routine watch my finances?

TLDR

  • Matt built Driggsby, a 75k-line Rust MCP server over Plaid, then wired it to Claude Code routines for prompt-only scheduled financial monitoring.

Key Takeaways

  • Driggsby connects to financial accounts via Plaid and exposes balances, transactions, investments, and loans as MCP tools for any agent.
  • Claude Code routines eliminate agent infra overhead: daily email, weekly anomaly detection, and outflow alerts each required only a prompt.
  • The Gmail MCP connector can only create drafts, not send mail; the workaround was a custom email_me() tool with Markdown rendering, restricted to the verified owner email.
  • Anomaly detection compares the last 7 days of Amex transactions against 12 months of history; no alert fires if patterns look normal.
  • Prompt edits through the routines UI change monitoring behavior without code deploys; Matt's wife (a CPA) runs her own separate routine with her own prompt.

Hacker News Comment Review

  • Two security concerns surfaced: Plaid stores banking credentials indefinitely and violates most banks’ ToS; separately, Claude Code routines silently permit all MCP write tools by default, with a barely visible disclaimer.
  • Commenters proposed lower-hallucination alternatives: Tiller syncing to Google Sheets backed by Supabase MCP, and LunchMoney API with LLM-generated tagging rules that accumulate as a rule engine over time.
  • A contingent questioned the value prop outright, preferring deterministic categorization (Tiller) over verbose LLM summaries for straightforward personal finances.
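
Because routines allow write tools by default, one check worth running before attaching an MCP server to an unattended routine is to sort its `tools/list` result by the MCP tool annotations (`readOnlyHint`, `destructiveHint`). The sketch below is an added example, not code from Driggsby or Claude Code; the sample payload is constructed, and every tool name in it except `email_me` is hypothetical.

```python
import json

# Constructed tools/list result; tool names other than email_me are hypothetical.
SAMPLE_TOOLS_LIST = json.loads("""
{"tools": [
  {"name": "get_balances", "annotations": {"readOnlyHint": true}},
  {"name": "list_transactions", "annotations": {"readOnlyHint": true}},
  {"name": "email_me", "annotations": {"readOnlyHint": false, "destructiveHint": false}},
  {"name": "delete_rule", "annotations": {"readOnlyHint": false}},
  {"name": "sync_accounts"}
]}
""")


def classify_tool(tool):
    """Return 'read-only', 'write', or 'destructive' for one tool entry.

    Follows the MCP spec defaults: a missing readOnlyHint means false and a
    missing destructiveHint means true, so an unannotated tool is treated as
    destructive. Annotations are hints supplied by the server, not guarantees.
    """
    ann = tool.get("annotations") or {}
    if ann.get("readOnlyHint", False) is True:
        return "read-only"
    if ann.get("destructiveHint", True) is False:
        return "write"
    return "destructive"


def audit_tools(tools_list, approved_writes=frozenset()):
    """Split tools into allowed names and ones needing review before unattended use."""
    allowed, review = [], []
    for tool in tools_list.get("tools", []):
        kind = classify_tool(tool)
        if kind == "read-only" or tool["name"] in approved_writes:
            allowed.append(tool["name"])
        else:
            review.append((tool["name"], kind))
    return allowed, review


if __name__ == "__main__":
    allowed, review = audit_tools(SAMPLE_TOOLS_LIST, approved_writes={"email_me"})
    print("allowed:", allowed)
    for name, kind in review:
        print(f"needs review: {name} ({kind})")
```

Since the annotations come from the server itself, this only narrows what needs manual review; it does not replace checking what each write tool can reach.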

Notable Comments

  • @moltar: “all MCP tools, even write are always allowed” in routine mode with minimal disclosure - agents can silently mutate resources via MCP.
  • @mbm: founder confirms Driggsby requests only transactions/investments/liabilities Plaid scopes - no auth, transfer, or payment_initiation; nothing in the AI surface can move money.