honcho-cli
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security risks were identified. The skill documents the use of the
honchoCLI for its intended purpose of workspace introspection and debugging. - [DATA_EXPOSURE]: The skill documentation identifies that sensitive configuration, including an API key, is stored in
~/.honcho/config.json. This is standard configuration for thehonchoCLI tool, and the skill does not attempt to exfiltrate this data or expose it to unauthorized parties. - [COMMAND_EXECUTION]: The skill utilizes
Bash(honcho:*)andBash(jq:*)to perform introspection tasks. These commands are used to query workspace state, session history, and peer memory, which aligns with the primary purpose of the skill and does not involve arbitrary or dangerous command execution.
Audit Metadata