Warn user not to send the secret directly
When the user is doing the SMP sequence, they are asked to come up with a secret and use a trusted channel (in this case Totem) to send it to the bot, then start SMP from Pidgin. From personal experience it seems that users tend to do things like sending the password to the other party (in this case the bot), to "prove" they both know the secret, (understandably) not understanding that this defeats the purpose of OTR. If the user shares the secret in a chat message, they should be warned to never do that again.