KolShek CLI Documentation
Complete reference for every command, flag, and integration in KolShek.
kolshek init to set up your first provider.
Global Options
All commands support these flags:
| Flag | Description |
|---|---|
--json | Output structured JSON |
-q, --quiet | Suppress non-essential output |
--no-color | Disable ANSI colors |
--no-progress | Disable spinners and progress bars |
--non-interactive | Never prompt; fail if input needed |
--no-auto-fetch | Skip automatic fetch on stale data |
--version | Show version |
init
First-run setup wizard — configure your first provider.
kolshek initproviders
Manage bank and credit card providers.
providers list
List configured providers.
providers add
Add a new bank or credit card provider.
| Option | Description |
|---|---|
--visible | Show the browser window (needed for OTP / 2FA) |
providers auth <id>
Set or update credentials for an existing provider.
| Option | Description |
|---|---|
--visible | Show the browser window (needed for OTP / 2FA) |
providers remove <id>
Remove a configured provider.
providers test <id>
Test provider credentials.
| Option | Description |
|---|---|
--visible | Show the browser window (needed for OTP / 2FA) |
fetch [providers...]
Fetch transactions from all or specific providers.
kolshek fetch # all providers
kolshek fetch leumi visa-cal # specific providers
kolshek fetch --from 30d # last 30 days| Option | Description |
|---|---|
--from <date> | Start date (YYYY-MM-DD, DD/MM/YYYY, or 30d) |
--to <date> | End date |
--force | Re-fetch even if recently synced |
--type <type> | Fetch only bank or credit_card |
--stealth | Use stealth browser to avoid bot detection |
--visible | Show the browser window (helps bypass bot detection) |
accounts alias: bal
Show accounts and balances.
| Option | Description |
|---|---|
--provider <name> | Filter by provider company ID |
--type <type> | Filter by provider type (bank | credit_card) |
transactions alias: tx
List, search, and export transactions.
transactions list
List transactions with filters.
| Option | Description |
|---|---|
--from <date> | Start date |
--to <date> | End date |
--provider <name> | Filter by provider company ID |
--type <type> | Filter by provider type (bank | credit_card) |
--account <number> | Filter by account number |
--min <amount> | Minimum charged amount |
--max <amount> | Maximum charged amount |
--status <status> | Filter by status (pending | completed) |
--sort <field> | Sort by date or amount (default: date) |
--limit <n> | Maximum rows to return |
transactions search <query>
Search transactions by description.
| Option | Description |
|---|---|
--from <date> | Start date |
--to <date> | End date |
--provider <name> | Filter by provider |
--limit <n> | Maximum results |
transactions delete <id>
Delete a transaction by ID. Use only for duplicates or erroneous records.
| Option | Description |
|---|---|
--yes | Skip confirmation prompt |
transactions export <format>
Export transactions to CSV or JSON.
| Option | Description |
|---|---|
--from <date> | Start date |
--to <date> | End date |
--provider <name> | Filter by provider |
--type <type> | Filter by provider type |
--output <path> | Write to file instead of stdout |
db
Inspect database schema (tables and columns).
db tables
List available tables.
db schema <table>
Show column details for a table.
query <sql> alias: sql
Run a read-only SQL query. Supports SELECT, WITH, EXPLAIN, PRAGMA, and VALUES.
kolshek query "SELECT * FROM transactions ORDER BY date DESC LIMIT 10"
kolshek sql "SELECT category, SUM(chargedAmount) FROM transactions GROUP BY category"| Option | Description |
|---|---|
--limit <n> | Maximum rows to return |
reports alias: report
Financial analysis reports.
reports monthly
Monthly income/expenses/net breakdown.
| Option | Description |
|---|---|
--from <date> | Start date |
--to <date> | End date |
--type <type> | Filter by provider type (bank | credit_card) |
reports categories
Expense breakdown by category.
| Option | Description |
|---|---|
--from <date> | Start date |
--to <date> | End date |
--type <type> | Filter by provider type (bank | credit_card) |
reports merchants
Top merchants by spend.
| Option | Description |
|---|---|
--from <date> | Start date |
--to <date> | End date |
--type <type> | Filter by provider type (bank | credit_card) |
--limit <n> | Number of merchants to show (default: 20) |
reports balance
Account balances with 30-day activity summary.
categorize alias: cat
Manage category rules and apply them to transactions.
categorize rule add <category>
Create a category rule.
| Option | Description |
|---|---|
--match <pattern> | Substring match on description |
--match-exact <pattern> | Exact match on description |
--match-regex <pattern> | Regex match on description |
--memo <pattern> | Substring match on memo |
--account <account> | Account filter (e.g. leumi:12345) |
--amount <number> | Exact amount match |
--amount-min <number> | Minimum amount (inclusive) |
--amount-max <number> | Maximum amount (inclusive) |
--direction <dir> | Direction filter: debit or credit |
--priority <number> | Rule priority (higher = evaluated first, default: 0) |
categorize rule list
List all category rules.
categorize rule remove <id>
Delete a category rule.
categorize rule import [file]
Bulk-import category rules from JSON file or stdin.
| Option | Description |
|---|---|
--dry-run | Validate and preview rules without importing |
categorize apply
Run category rules on transactions.
| Option | Description |
|---|---|
--all | Re-apply rules to all transactions, not just uncategorized |
--from-category <name> | Re-apply only to transactions in this category |
--dry-run | Preview changes without modifying data |
categorize rename <old> <new>
Rename or merge a category (updates transactions and rules).
| Option | Description |
|---|---|
--dry-run | Show what would change without modifying data |
categorize migrate
Bulk rename/merge categories from a JSON mapping file.
| Option | Description |
|---|---|
--file <path> | (required) JSON file with { oldName: newName } mapping |
--dry-run | Preview changes without modifying data |
categorize reassign
Force-reassign transactions matching a pattern to a new category.
| Option | Description |
|---|---|
--match <pattern> | Substring to match against description |
--to <category> | Target category |
--file <path> | JSON file with reassignment mappings |
--dry-run | Preview changes without modifying data |
categorize list
Show categories with transaction counts, totals, and source.
translate alias: tr
Manage Hebrew-to-English translation rules for transaction descriptions.
translate rule add <english>
Create a translation rule.
| Option | Description |
|---|---|
--match <pattern> | (required) Hebrew substring pattern to match |
translate rule list
List all translation rules.
translate rule remove <id>
Delete a translation rule.
translate rule import [file]
Bulk-import translation rules from JSON file or stdin.
translate apply
Run translation rules on transactions with NULL description_en.
schedule
Manage automatic fetch scheduling.
schedule set
Register a recurring fetch task with the OS scheduler.
| Option | Description |
|---|---|
--every <interval> | (required) Fetch interval (e.g. 6h, 12h, 24h) |
schedule remove
Unregister the recurring fetch task.
schedule status
Show current schedule status.
plugin
Manage AI agent integrations.
plugin install <tool>
Install AI plugin for a tool.
kolshek plugin install claude-code
kolshek plugin install cursor
kolshek plugin install gemini-cliSupported tools: claude-code, openclaw, cursor, gemini-cli, antigravity, opencode, aider, windsurf.
plugin list
List available tool integrations.
spending [month]
Spending breakdown by category, merchant, or provider.
kolshek spending # current month
kolshek spending 2026-01 # specific month
kolshek spending -m 3 # 3 months ago| Option | Description |
|---|---|
--group-by <field> | Group by: category (default), merchant, provider |
--category <name> | Filter to a specific category |
--top <n> | Limit to top N groups |
--type <type> | Filter by provider type (bank | credit_card) |
--lifestyle | Exclude categories marked as non-spending |
-m, --month-offset <n> | Months ago (e.g. -m 3) |
spending exclude add <category>
Mark a category as non-spending.
spending exclude remove <category>
Remove a category from the exclusion list.
spending exclude list
Show all excluded categories.
income [month]
Income breakdown with salary detection (bank accounts only by default).
| Option | Description |
|---|---|
--salary-only | Show only salary/wage transactions |
--include-refunds | Also show CC refunds (separate section) |
-m, --month-offset <n> | Months ago (e.g. -m 3) |
trends [months]
Multi-month cashflow and spending trend analysis. Default: 6 months.
| Option | Description |
|---|---|
--mode <mode> | Analysis mode: total (default), category, fixed-variable |
--category <name> | Track specific category (implies --mode category) |
--type <type> | Filter by provider type (bank | credit_card) |
insights
Financial alerts and recommendations based on spending patterns.
| Option | Description |
|---|---|
--months <n> | Lookback period in months (default: 3) |
update
Self-update KolShek to the latest release. Downloads the correct binary for your platform from GitHub and replaces the current executable in-place.
| Option | Description |
|---|---|
--check | Only check for updates without installing |
Security Model
KolShek handles real bank credentials. Security is not optional.
Credential Storage
Credentials are stored using a layered strategy:
- Environment variables (CI/automation) — checked first via
KOLSHEK_CREDENTIALS_JSON - OS keychain (primary) — Windows Credential Manager, macOS Keychain, or Linux
secret-tool - Encrypted file (fallback) — AES-256-GCM encrypted local file when no keychain is available
Credentials are never logged, never included in error messages, and zeroed from memory after use.
File Permissions
Database and config files are restricted to owner-only access:
- Windows:
icaclsremoves inherited permissions, grants full control only to the current user - Unix:
chmod 600for files,chmod 700for directories
Read-Only Query Command
The kolshek query command enforces read-only access:
- Only
SELECT,WITH,EXPLAIN,PRAGMA, andVALUESare allowed INSERT,UPDATE,DELETE,DROP,ALTER,CREATEare blocked- PRAGMA restricted to a whitelist of read-only pragmas
- Table names in
db schemavalidated against[a-z_]+
Web Dashboard Security
- Localhost only —
Bun.serve()binds tohostname: "localhost" - CSRF protection — Origin header checked on all non-GET/HEAD requests
- Security headers —
X-Content-Type-Options: nosniffandX-Frame-Options: DENY - XSS prevention — all user-controlled content is HTML-escaped
- Parameterized SQL — all operations use prepared statements
Dependency Pinning
Critical dependencies are pinned to exact versions to prevent supply-chain attacks. israeli-bank-scrapers-core is pinned to 6.7.1 (no caret).
AI Agent Integration
KolShek is built for AI agents. Every command supports --json for structured output, and the query and db commands give agents direct SQL access.
Install a Plugin
kolshek plugin install claude-code
kolshek plugin install cursor
kolshek plugin install gemini-cliRun kolshek plugin list to see all available integrations.
Structured Output
Every command supports --json, returning a consistent envelope:
{
"success": true,
"data": { ... },
"metadata": { "count": 42, "from": "2026-01-01", "to": "2026-03-16" }
}Errors follow the same pattern:
{
"success": false,
"error": {
"code": "AUTH_FAILED",
"message": "Authentication failed for provider hapoalim",
"retryable": false,
"suggestions": ["Run 'kolshek providers test hapoalim'"]
}
}Schema Discovery
Agents can discover the database schema without prior knowledge:
kolshek db tables --json
kolshek db schema transactions --jsonExit Codes
| Code | Meaning |
|---|---|
0 | Success |
1 | General error |
2 | Bad arguments |
3 | Auth failure |
4 | Timeout |
5 | Blocked by provider |
10 | Partial success (some providers failed) |
Non-Interactive Mode
kolshek fetch --non-interactive --jsonIf input is required (e.g., OTP), the command fails with exit code 3 instead of hanging.
Web Dashboard
Browser UI for managing providers, categories, and translations.
Quick Start
kolshek dashboardOpens a local web server (default: http://localhost:5556) with three pages:
- Providers — add, edit, remove, and test bank/credit card connections; fetch with real-time progress
- Categories — create category rules, view spending breakdowns, reassign transactions
- Translations — manage Hebrew-to-English merchant name mappings
Provider Management
- Add providers by selecting a bank/credit card and entering credentials
- Test connections before saving
- Fetch transactions with real-time SSE progress
Category Rules
- Match on description, memo, amount, account, or direction
- Substring, exact, and regex matching
- Priority-based rule evaluation
- Apply to uncategorized or re-apply to all
Translation Rules
- Map Hebrew merchant names to English
- View untranslated descriptions grouped by frequency
- One-click rule creation from untranslated list
Architecture
Built with Bun.serve() (localhost-only HTTP server), HTMX (dynamic updates without a JS framework), Tailwind CSS v4, and SSE for real-time fetch progress. All data stays local.