Is it safe to connect my bank account to AI?

The honest version of this question has five answers — one per thing that could go wrong. "Is it safe?" by itself is not really answerable; "is this specific failure mode prevented?" is. So this post walks the five threats anyone connecting bank data to an AI assistant should worry about, what FinContext does about each, and — importantly — the two we can't prevent and won't pretend to.

What FinContext does, in one paragraph

FinContext is a Model Context Protocol server that gives AI clients (Claude Desktop, ChatGPT, Cursor, Cline, Zed) read-only access to your bank account data through Plaid. You sign up at fincontext.ai, connect your bank via Plaid's hosted OAuth flow, then add the FinContext MCP endpoint to your AI client. The AI can then ask FinContext for balances, transactions, and analytics. That is the entire surface area.

The threat model below assumes you have done that. It does not cover the threats of using AI in general, only the incremental risks introduced by giving an AI access to bank data through this specific architecture.

Threat 1 — Credential theft