First Seen: Feb 18, 2026
Last Scanned: Feb 22, 2026
Findings: 3
Score: 69/100
Findings (3)
Detects instructions to decode and execute base64 content
follow the base58→base64
Remove text that simulates multi-turn conversations or fake user/assistant message pairs. These patterns attempt to manipulate the agent by fabricating conversation history.
Likely FP if the matched text is documentation showing example conversations or API request/response formats for illustration purposes.
Section claims authority and urgency with dangerous instructions
name: traderouter
description: >
Solana swap execution, MEV-protected transaction submission, wallet scanning, and market-cap-based
limit/trailing orders via the TradeRouter API. Use when the user wan...
Remove false authority claims (e.g., claiming administrator or root-level access) from tool descriptions. Tool descriptions should describe capabilities, not claim elevated roles.
Likely FP if the matched text is documentation explaining role-based access control concepts or describing user personas, not impersonating a system role.
Detects base64 encoding of content followed by transmission
base64 encode + fetch(
Block patterns that base64-encode data and immediately transmit it. If base64 encoding is needed, ensure the encoded data does not contain secrets and destinations are allowlisted.
Likely FP if base64 encoding is used for legitimate purposes like encoding images for display or constructing data URIs, with no network transmission.