honcho-setup

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's setup command uploads workspace memory to api.honcho.dev (or a user-configured HONCHO_BASE_URL) and the Honcho service is then queried at runtime (honcho_recall/honcho_search) to provide memory that will be injected into agent context and thus directly influence prompts — flagged URL: https://api.honcho.dev (and configurable HONCHO_BASE_URL).