agentwallet

clawhub:agentwallet

View source

92/100

First Seen

Feb 18, 2026

Last Scanned

Feb 22, 2026

Findings

Score

92/100

MEDIUM 1

LOW 1

Findings (2)

MEDIUM

Cross-tool data leakage MCP_007

mcp-attack L307

Detects patterns where credential or secret reads are combined with external data transmission

access raw secret values.** The private key + transmit any data

FIX

Prevent credentials and sensitive data obtained by one MCP tool from being passed to other tools. Implement data isolation between tools and restrict cross-tool data flow for secrets.

FP?

Likely FP if the cross-tool data flow is intentional API authentication (e.g., a tool fetches an auth token that another tool uses for the same service).

LOW

Runtime URL controlling behavior THIRDPARTY_001

third-party-content L102

Detects URLs fetched at runtime that control or influence agent behavior without pinning

GET "https:// + config

FIX

Avoid loading configuration or behavior-controlling content from runtime URLs. Bundle required configurations locally or pin remote config to versioned, integrity-verified endpoints.

FP?

Likely FP if the URL in the match is a documentation link or example URL (e.g., example.com) rather than an actual runtime-fetched configuration endpoint.