> the banks will want to move the entire flow into whatever secure device, enclave, or "agent" they supply - meanwhile, the whole point of me having a general-purpose computer is to be able to do general-purpose computing that I want within this flow.

Sure, you should definitely be able to do what you want with your computer, but you're actually demanding more here (at least in the case of transaction initiation and confirmation): For others to also trust the outcome of whatever you did on your own computer.

Banks are often legally required to cover losses resulting from unauthorized account access, so I can somewhat understand them wanting to minimize the chance of that happening. Sandboxed trusted computing, when done well, can strike that compromise much better than annoying non-solutions like root detection heuristics or invasive full-system attestation.

> As far as I know it, there's no way of making it happen without breaking sandboxing or otherwise hacking the app and/or API endpoints in a way that's likely to break, and likely to get you in trouble with the bank.

Banks should probably be required to make such a read-only API available (and in the EU, they are, to some extent – unfortunately only to "trusted", i.e. regulated and registered, service providers, raising the old question of who determines who is and isn't trusted). This is a very different story from transaction initiation.

Unfortunately, there are also caveats here. It's getting more and more common for companies to require me to "connect my bank account", which often means nothing less than granting them full and persistent account view access.

I think having the API still outweighs the downsides of others also starting to make demands for that access, but it's a slippery slope. For example, Airbnb not too long ago wanted full access to all(!) my Chase accounts to "verify my credit card".