OpenAI just shipped a personal finance feature that connects ChatGPT to your bank. Claude and Perplexity have versions too. The exact onboarding check I run before any of them gets near my money.
In the last month, three of the largest AI companies in the world shipped ways to connect their assistants directly to your bank account, your credit cards, and your brokerage. OpenAI launched ChatGPT Personal Finance on May 15. Claude has bank-account access through its Era connector. Perplexity rolled out a full Plaid-powered finance experience in April.
This is fine, if you have the right guardrails. It is dangerous if you don't. This guide gives you the exact prompt I run before flipping any sensitive AI connector on. Bank, brokerage, email, calendar, health records, anything that, if it went sideways, would cost more than time.
Two years ago, the biggest AI risk was that the model would say something wrong. Bad answer, embarrassing email, a hallucinated stat. Annoying, but recoverable.
Now the risk is different. AI can act. It can move money out of your account. It can cancel a recurring subscription. It can email your team on your behalf. It can quietly store your private financials in a chat log that lives somewhere you cannot see.
Read-only access is one level of risk. Action access is a completely different one. The new onboarding-check prompt forces the AI to spell out which level you're agreeing to before you flip the switch.
Paste this into Claude (or any AI you trust) BEFORE you turn on a new connector to a sensitive account. Replace the bracketed inputs with whatever you're about to connect. The output is a one-page onboarding check you can actually read before clicking Approve.
You are my AI onboarding officer. Before I connect this AI to something sensitive, I need you to write me a one-page onboarding check so I know exactly what I'm agreeing to.

The AI I'm about to connect: [e.g., ChatGPT Personal Finance / Claude Era / Perplexity Finance / a custom MCP connector]
The account I'm about to connect it to: [e.g., my Chase checking account / my Gmail / my Google Calendar / my QuickBooks]

Give me back this exact structure:

1. WHAT IT CAN READ. List the specific data the AI will have read access to once I connect. Be granular. Not "transactions" but "every credit and debit, the merchant name, the dollar amount, the timestamp, and any memos."
2. WHAT IT CAN DO ON MY BEHALF. The full list of actions the AI can actually take once connected. Send, transfer, cancel, schedule, delete, post, share, anything that changes the state of my account or the world. If it's read-only, say "read-only" explicitly.
3. WHAT GETS STORED. Where the data lives once it's accessed. In the AI provider's logs? In a chat history I can delete? In a vector database I cannot see? How long is the retention?
4. THE SAFEST WAY TO USE IT. The specific setting choices, scopes, and habits that minimize my downside. Be specific. Not "be careful" but "turn off the 'allow autonomous payments' toggle" or "limit to read-only scope at the OAuth step."
5. HOW TO DISCONNECT OR DELETE LATER. The exact steps to revoke access and delete any stored data. Include the URLs of the relevant settings pages.
6. THE WORST-CASE SCENARIOS. Three realistic ways this connection could go wrong (security breach at the provider, prompt injection through email content, an autonomous action I didn't expect) and what I would do to recover.

Be concrete. No marketing language. Assume I'm not a security expert but I'm not stupid either. The goal is for me to know exactly what I'm agreeing to before I click Approve.
The line that matters most
Question 2, "what can it do on my behalf", is the line. Read-only access (Claude can see your balance) is genuinely low risk. Action access (Claude can move money) is a totally different conversation. Always know which one you just agreed to.
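Added example, not from the original guide: one way to check the read-only versus action line yourself at the OAuth step is to read the scopes in the consent URL before clicking Approve. The scope names are Google's published Gmail and Calendar scopes; the function name, the sample URL and EXAMPLE_CLIENT_ID are constructed for illustration, and a connector built on another provider will use different scope names.

```python
from urllib.parse import parse_qs, urlencode, urlparse

G = "https://www.googleapis.com/auth/"
# Scopes that only let a connector see data (Google and OpenID Connect names).
READ_ONLY = {
    "openid", "email", "profile",
    G + "gmail.readonly",
    G + "calendar.readonly",
    G + "calendar.events.readonly",
}
# Scopes that let a connector change state, with what each one permits.
ACTION = {
    G + "gmail.send": "send mail as you",
    G + "gmail.compose": "create drafts and send mail",
    G + "gmail.modify": "read, send, archive and trash mail",
    "https://mail.google.com/": "full mailbox control, including permanent delete",
    G + "calendar": "create, edit and delete calendars and events",
    G + "calendar.events": "create, edit and delete events",
}

def review_consent_url(url):
    """Sort the scopes in an OAuth consent URL into read-only, action, unknown."""
    # OAuth 2.0 carries the requested scopes as one space-delimited parameter.
    query = parse_qs(urlparse(url).query)
    scopes = " ".join(query.get("scope", [])).split()
    report = {"read_only": [], "action": [], "unknown": []}
    for scope in scopes:
        if scope in READ_ONLY:
            report["read_only"].append(scope)
        elif scope in ACTION:
            report["action"].append((scope, ACTION[scope]))
        else:
            # Fail closed: a scope we cannot classify is never reported as read-only.
            report["unknown"].append(scope)
    report["level"] = ("action" if report["action"]
                       else "unverified" if report["unknown"]
                       else "read-only" if report["read_only"]
                       else "no scopes found")
    return report

# Constructed sample: a connector asking to read Gmail and also to send mail.
SAMPLE_URL = "https://accounts.google.com/o/oauth2/v2/auth?" + urlencode({
    "client_id": "EXAMPLE_CLIENT_ID", "response_type": "code",
    "scope": G + "gmail.readonly " + G + "gmail.send",
})

if __name__ == "__main__":
    print(review_consent_url(SAMPLE_URL))
```

A single action scope is enough to put the whole connection at the action level, no matter how many read-only scopes sit beside it.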
Run this onboarding check before any of these:
Banks and brokerages. Any account with a balance. Plaid-powered connectors included.
Email. Especially if you're giving Claude or ChatGPT 'send on my behalf' permissions, not just read access.
Calendar. Less about money, more about who knows where you are and when.
Health records. If you're connecting Apple Health, MyChart, Oura, Whoop, anything biometric.
Cloud storage with personal docs. Especially if it includes tax filings, contracts, IDs, passport scans.
Any 'agentic' tool with browser access. Anything that can click, fill forms, and complete checkout on your behalf.
The reframe
Think about every new AI connector the way you'd think about hiring an assistant and handing them a credit card on day one. You wouldn't do that without first making absolutely sure you knew what they could see, what they could spend, and how to walk them out the door if it went wrong. Same standard applies here.
© 2026 Mariah Brunner. All rights reserved.