From fondo-pack
Applies Fondo security practices: OAuth management for Gusto/QuickBooks/Plaid/Stripe, encrypt/protect financial exports, team access controls, SOC 2 checklist.
```bash
npx claudepluginhub jeremylongshore/claude-code-plugins-plus-skills --plugin fondo-pack
```
This skill is limited to using the following tools:
Security practices for Fondo financial data: manage OAuth connections, protect exported financial data, control team access, and maintain compliance.
| Integration | Token Lifetime | Refresh |
|---|---|---|
| Gusto | 90 days | Re-authorize in Dashboard |
| QuickBooks | 100 days | Auto-refresh if accessed within window |
| Plaid (banking) | Indefinite | Revoke/re-connect if compromised |
| Stripe | Indefinite | Revoke in Stripe Dashboard if needed |
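```bash
# When downloading Fondo exports locally:
# 1. Never commit to git
echo "*.csv" >> .gitignore
echo "exports/" >> .gitignore
# 2. Encrypt sensitive exports (prompts for a passphrase and writes
#    general-ledger-2025.csv.gpg next to the plaintext)
gpg -c --cipher-algo AES256 general-ledger-2025.csv
# 3. Delete after use. -u removes the file once it has been overwritten;
#    without it shred leaves a zero-filled file in place. Overwriting is not
#    reliable on SSDs or journaling/copy-on-write filesystems, so keep
#    exports on an encrypted volume as well.
shred -vfz -n 5 -u general-ledger-2025.csv
```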
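The following check is an added example, not part of the Fondo skill: it audits a working directory against the three export-handling steps above and reports what was skipped. The function names `audit_exports` and `make_sample_tree` and the finding labels are hypothetical; it assumes exports are `*.csv` files and that encrypted copies keep the default `gpg -c` output name, `<file>.csv.gpg`.

```shell
#!/bin/sh
# Added example (not from the Fondo skill). Assumes exports are *.csv and that
# encrypted copies keep gpg -c's default name, <file>.csv.gpg.
# Filenames containing newlines are not handled.

audit_exports() {
    dir=${1:-.}
    report=$(
        # Step 1: both ignore rules must appear as exact lines in .gitignore.
        for pattern in '*.csv' 'exports/'; do
            grep -qxF -e "$pattern" "$dir/.gitignore" 2>/dev/null ||
                echo "MISSING_IGNORE $pattern"
        done
        # Steps 2 and 3: any CSV still on disk is either not yet encrypted,
        # or encrypted but with the plaintext left behind.
        find "$dir" -name .git -prune -o -type f -name '*.csv' -print |
        while IFS= read -r f; do
            if [ -f "$f.gpg" ]; then
                echo "PLAINTEXT_NOT_SHREDDED $f"
            else
                echo "UNENCRYPTED $f"
            fi
        done
    )
    [ -z "$report" ] && return 0
    printf '%s\n' "$report"
    return 1
}

# Constructed sample tree: one ignore rule missing, one export never
# encrypted, one encrypted with its plaintext left in place.
make_sample_tree() {
    t=$(mktemp -d)
    mkdir -p "$t/exports"
    echo '*.csv' > "$t/.gitignore"
    echo 'date,account,amount' > "$t/exports/general-ledger-2025.csv"
    echo 'date,account,amount' > "$t/exports/payroll-2025.csv"
    : > "$t/exports/payroll-2025.csv.gpg"   # stands in for the gpg output
    echo "$t"
}

sample=$(make_sample_tree)
audit_exports "$sample" || echo "audit failed: fix the findings above"
rm -rf "$sample"
```

The non-zero return status lets the same function gate a pre-commit hook or a scheduled job on the machine where exports are downloaded.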
| Role | Access | Who |
|---|---|---|
| Owner | Full access, billing, integrations | CEO/founder |
| Admin | View/edit financials, answer questions | CFO/finance lead |
| Viewer | View-only reports | Board members, investors |
| CPA | Full access (Fondo team) | Your assigned CPA |
For production readiness, see fondo-prod-checklist.