Detect rugpulls and honeypots from Claude Desktop

Claude Desktop natively speaks the Model Context Protocol. Once Hive's MCP server is registered, Claude can call get_token_security and detect_rugpull on any contract address — pulling honeypot logic checks, owner mint permissions, LP-lock status, and a derived risk score from GoPlus before recommending a swap. The two-tool flow takes one user prompt and one MCP round-trip; agents using single-provider MCPs (CoinGecko MCP, Moralis Cortex) cannot run this check because they don't expose security tools. The result is grounded — every response includes a fetched_at timestamp — so Claude is reasoning over real on-chain state, not training-cutoff data.

Client: Claude Desktop · Use case: Token security

Hive tools used

• get_token_security — Returns the GoPlus security report — is_honeypot, buy_tax, sell_tax, owner_change_balance, transfer_pausable, and the full risk envelope.
• detect_rugpull — Aggregates GoPlus + on-chain liquidity + contract metadata into a single rugpull_risk_score with structured signal flags.

Steps

1. Install Hive in Claude Desktop

   Add Hive's MCP block to ~/Library/Application Support/Claude/claude_desktop_config.json (macOS) or %APPDATA%/Claude/claude_desktop_config.json (Windows). The config is one JSON block plus your API key. See the Claude Desktop install guide for the exact path and snippet.

   {
     "mcpServers": {
       "hive": {
         "command": "npx",
         "args": ["-y", "hive-intelligence@latest"],
         "env": { "HIVE_API_KEY": "YOUR_HIVE_API_KEY" }
       }
     }
   }

2. Restart Claude Desktop

   After saving the config, fully quit Claude Desktop (Cmd-Q on macOS) and reopen. Hive's tool surface appears under the tools menu within a few seconds — Claude calls tools/list at startup and discovers every Hive tool automatically.

3. Ask Claude to scan a token

   In a new chat, paste the contract address you want to check and tell Claude what you want. Claude reads the address, picks the right Hive tools, calls them, and synthesizes the result into plain English. No code on your side.

4. Read the structured response

   Claude renders the GoPlus + Hive risk envelope as a readable summary: green flags for safe contracts, yellow for caution (sell tax 5-15%, recent ownership change), red for honeypot or active drain risk. Specific values (buy_tax, sell_tax, lp_holders) are quoted inline so you can verify against block explorers.

5. Decide based on the score

   For agents that auto-execute trades, gate the swap behind rugpull_risk_score < 30 and is_honeypot === false. For human-in-the-loop usage, Claude's plain-English summary is enough to make the call in seconds.

Example prompt

Is 0x...abc safe to buy on Ethereum? Check honeypot status, ownership flags, and LP locks before I commit any USDC.

Sample synthesized output

I checked 0x...abc with Hive\'s security tools (fetched_at: 2026-05-03T14:23:18Z):

- is_honeypot: false (sell transactions confirmed via simulation)
- buy_tax: 1%, sell_tax: 1% (no extreme tax)
- transfer_pausable: false (no pause backdoor)
- owner_change_balance: false
- can_take_back_ownership: true ⚠ (deployer retains upgradeability — moderate risk)
- LP holders: 4 (LP not locked or burned — moderate risk)
- rugpull_risk_score: 38/100 (caution)

This token is not a honeypot, but the deployer retains contract control and the LP is unlocked. I would not size more than 0.5% of portfolio here without a separate audit.

Related glossary terms

• honeypot
• rugpull
• tool-call
• fetched-at

Related recipes

• Pre-signing token safety from Windsurf

See also

• All recipes — every Hive × AI client combination
• Hive for AI agents — install paths and capability overview
• Comparisons hub — Hive vs alternatives