First Seen
Feb 18, 2026
Last Scanned
Feb 22, 2026
Findings
3
Score
84/100
Findings (3)
Section claims authority and urgency with dangerous instructions
name: honcho-setup
description: >
Install the @honcho-ai/openclaw-honcho plugin and migrate legacy file-based
memory to Honcho. UPLOADS WORKSPACE CONTENT TO EXTERNAL API: Sends
USER.md, MEMORY.md, IDE...Remove false authority claims (e.g., claiming administrator or root-level access) from tool descriptions. Tool descriptions should describe capabilities, not claim elevated roles.
Likely FP if the matched text is documentation explaining role-based access control concepts or describing user personas, not impersonating a system role.
Detects patterns where credential or secret reads are combined with external data transmission
read ONLY the `HONCHO_API_KEY + Upload
- **What is uploaded**: ContentPrevent credentials and sensitive data obtained by one MCP tool from being passed to other tools. Implement data isolation between tools and restrict cross-tool data flow for secrets.
Likely FP if the cross-tool data flow is intentional API authentication (e.g., a tool fetches an auth token that another tool uses for the same service).
Detects URLs fetched at runtime that control or influence agent behavior without pinning
get a key at https:// + templateAvoid loading configuration or behavior-controlling content from runtime URLs. Bundle required configurations locally or pin remote config to versioned, integrity-verified endpoints.
Likely FP if the URL in the match is a documentation link or example URL (e.g., example.com) rather than an actual runtime-fetched configuration endpoint.