You'd be violating almost every site's Terms-Of-Service (TOS) using this. If you use it for banking, you'll never get any money back you lost.

> Credential encryption handled for you

Ugg. Especially with a README (and post) that's clearly LLM generated.

> Encryption at rest (AES-128-CBC)

AES-128 is entirely discouraged by OWASP (ideally AES-256), while CBC (and CTR) modes are likewise discouraged in favour of GCM/CCM.. for something that's holding credentials to payment systems or banks - you should be exceeding acceptable (AES128 was approved in 2001 - try ChaCha20, ThreeFish)