honeypot-detector-mcp

check_honeypot

Analyze token addresses on Ethereum, BSC, and Base to detect honeypot risks using honeypot.is API. Identify potential scams with detailed analysis results.

Instructions

Check if a token address is a honeypot using honeypot.is API

Supports tokens on Ethereum, Binance Smart Chain (BSC) and Base.

Args:
    address: Token address to check (e.g., 0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48)

Returns:
    Markdown string containing honeypot analysis results

Input Schema

TableJSON Schema

Name	Required	Description	Default
`address`	Yes

Implementation Reference

main.py:29-68 (handler)

The handler function for the 'check_honeypot' tool. It validates the address, fetches data from honeypot.is API using a helper function, extracts key fields like honeypot status, taxes, and formats the results as Markdown. Registered via @mcp.tool() decorator.

@mcp.tool()
async def check_honeypot(address: str, ctx: Context) -> str:
    """Check if a token address is a honeypot using honeypot.is API

    Supports tokens on Ethereum, Binance Smart Chain (BSC) and Base.

    Args:
        address: Token address to check (e.g., 0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48)

    Returns:
        Markdown string containing honeypot analysis results
    """
    ctx.info(f"Checking honeypot status for address {address}")

    # Validate address format (basic check)
    if not address.startswith("0x") or len(address) != 42:
        raise ValueError("Invalid address format")

    data = await fetch_honeypot_data(address, ctx)
    
    # Extract relevant fields
    is_honeypot = data.get("honeypotResult", {}).get("isHoneypot", False)
    risk = data.get("summary", {}).get("risk", "unknown")
    token_name = data.get("token", {}).get("name", "Unknown")
    buy_tax = data.get("simulationResult", {}).get("buyTax", "N/A")
    sell_tax = data.get("simulationResult", {}).get("sellTax", "N/A")
    transfer_tax = data.get("simulationResult", {}).get("transferTax", "N/A")
    is_open_source = data.get("contractCode", {}).get("openSource", "Unknown")

    # Format as Markdown
    result = f"""# Honeypot Analysis for {token_name}
- **Address**: {address}
- **Is Honeypot**: {is_honeypot}
- **Risk Level**: {risk}
- **Buy Tax**: {buy_tax}
- **Sell Tax**: {sell_tax}
- **Transfer Tax**: {transfer_tax}
- **Contract Code Open Source**: {is_open_source}
"""
    return result

main.py:17-28 (helper)

Helper function that performs the HTTP request to the honeypot.is API to retrieve honeypot analysis data for a given token address.

async def fetch_honeypot_data(address: str, ctx: Context) -> Dict[str, Any]:
    """Fetch data from honeypot.is API"""
    async with httpx.AsyncClient() as client:
        headers = {"X-API-KEY": API_KEY} if API_KEY else {}
        params = {"address": address}
        try:
            response = await client.get(HONEYPOT_API_URL, headers=headers, params=params)
            response.raise_for_status()
            return response.json()
        except httpx.HTTPStatusError as e:
            raise ValueError(f"API request failed: {str(e)}")

main.py:29-29 (registration)
The @mcp.tool() decorator registers the check_honeypot function as an MCP tool.
```
@mcp.tool()
```

Tool Definition Quality

A4/5.0

Behavior3/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description carries the full burden. It discloses the API source (honeypot.is) and supported networks, which is useful context, but does not mention rate limits, authentication needs, error handling, or what constitutes a 'honeypot' analysis. It adds some behavioral insight but leaves gaps.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is appropriately sized and front-loaded: the first sentence states the core purpose, followed by supported networks and a structured Args/Returns section. Every sentence adds value without redundancy, making it efficient and easy to parse.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness4/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's moderate complexity (single parameter, no output schema, no annotations), the description is fairly complete: it covers purpose, supported networks, parameter semantics, and return format. However, it lacks details on behavioral aspects like rate limits or error cases, which would enhance completeness for an API-based tool.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters4/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The schema description coverage is 0%, so the description must compensate. It provides the parameter 'address' with a clear example (e.g., 0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48) and explains it as 'Token address to check', adding meaningful context beyond the bare schema. However, it does not detail format constraints or validation rules.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the specific action ('Check if a token address is a honeypot') and resource ('using honeypot.is API'), with explicit mention of supported networks (Ethereum, BSC, Base). It distinguishes itself by specifying the API source and scope, though no sibling tools exist for comparison.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines3/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description implies usage by specifying supported networks and providing an example address, but lacks explicit guidance on when to use this tool versus alternatives (e.g., other security checks) or any prerequisites. Since no sibling tools exist, the context for alternatives is limited.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

check_honeypotA

Related Tools

checkMaliciousAddress
@NaniDAO/agentek
getTokensBalance
@0xGval/evm-mcp-tools
securityCheckC
@TermiX-official/bsc-mcp
get_address_info
@blockscout/mcp-server
goplusanalysisagent_fetch_security_detailsC
@heurist-network/heurist-mesh-mcp-server
getTokenInfo
@0xGval/evm-mcp-tools

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/kukapay/honeypot-detector-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server