skills/akillness/jeo-skills/zeude/Gen Agent Trust Hub

zeude

Fail

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: CRITICALREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The documentation provides a command to fetch a shell script from a remote URL (https://raw.githubusercontent.com/zep-us/zeude/main/install.sh) and pipe it directly into bash. This pattern bypasses manual review of the script's contents and executes code from a repository that is not part of the established vendor ecosystem for this skill.
  • [COMMAND_EXECUTION]: The skill utilizes a 'Zeude Shim' designed to intercept and wrap the primary CLI commands. This mechanism could potentially be used to monitor user input or modify command behavior without explicit oversight.
  • [INDIRECT_PROMPT_INJECTION]: The skill implements hooks (UserPromptSubmit) that analyze user prompts at runtime to deliver context-aware suggestions. This creates an ingestion surface where untrusted data (the prompt) is processed to determine agent actions (skill deployment).
  • Ingestion points: User prompts via hook analysis.
  • Boundary markers: None specified in the instructions.
  • Capability inventory: Access to Bash, Write, Read, and the ability to sync configurations to ~/.claude/.
  • Sanitization: No evidence of sanitization or intent-validation for the processed prompts.
Recommendations
  • HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/zep-us/zeude/main/install.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level
CRITICAL
Analyzed
Jun 17, 2026, 07:06 AM
Security Audit — agent-trust-hub — zeude