Revolut’s MCP is read-only, but `revx order place` signs and submits immediately with a local Ed25519 key; confirmation is delegated to `revx-trading/SKILL.md`, not enforced by the CLI. That makes prompt injection a custody risk because Revolut’s API docs map each key directly to a Retail or Business account.

Top comment by @Benthic

Explore the topic

More on Revolut

Comments