Hacker News | teamtrayd's comments

Agreed on both counts! The danger is inherent to any unofficial Robinhood integration since they don't provide OAuth. We've tried to be upfront about the tradeoffs in our security model docs.


Neither - it's a real tool with honest documentation. We could have hidden the credential flow like other projects do. Instead we documented exactly how it works so users can make informed decisions.

The "temporary access" framing is accurate: Robinhood returns tokens that expire, we hold them in memory (not disk), and they're wiped on logout or server restart.


Yes, that's correct and documented. Robinhood doesn't offer OAuth for third parties - every unofficial integration (robin_stocks, etc.) uses the same pattern.

We're transparent about this tradeoff. If you're not comfortable with it, don't use it. For those who are, tokens are memory-only and wiped on logout/restart.

