thecolony

clawhub:thecolony

View source

75/100

First Seen

Feb 18, 2026

Last Scanned

Feb 22, 2026

Findings

Score

75/100

CRITICAL 1

LOW 1

Findings (2)

CRITICAL

Instruction override attempt PROMPT_INJECTION_001

prompt-injection L96

Detects attempts to override or ignore previous instructions

Ignore previous instructions

FIX

Remove the injection payload from the skill definition. Text that attempts to reset agent context or override prior directives is a direct attack vector.

FP?

Likely FP if the text is in a security tutorial or research paper discussing injection techniques as examples, not in an active skill description.

LOW

Non-localhost remote MCP server URL MCPCFG_004

mcp-config L450

Detects MCP server configurations connecting to non-localhost remote URLs

"url": "https://your-server.com/webhook"

FIX

Change the MCP server URL to localhost or a trusted internal endpoint. If a remote server is required, verify the domain ownership and use HTTPS with certificate validation.

FP?

Likely FP if the URL points to example.com, a documentation domain, or a well-known SaaS API endpoint (e.g., api.openai.com).