zeude
Fail
Audited by Snyk on Jun 17, 2026
Risk Level: CRITICAL
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The prompt instructs embedding secrets verbatim (agent keys in the curl installer, and Supabase/ClickHouse credentials in .env/DSNs), which requires the LLM to handle/output secret values directly.
CRITICAL E005: Suspicious download URL detected in skill instructions.
- Suspicious download URL detected (high risk: 0.90). Suspicious — the list includes a direct raw.githubusercontent.com install.sh intended to be piped to bash (remote executable script) and GitHub repos/clone URLs for third‑party shims that intercept CLI commands (allowing arbitrary code execution and potential data exfiltration), which are high-risk unless you fully trust and have audited the repos.
CRITICAL E006: Malicious code pattern detected in skill scripts.
- Malicious code pattern detected (high risk: 0.90). The project intentionally captures every Claude prompt via OpenTelemetry and uploads it to external analytics, installs a local "Shim" that intercepts the claude CLI and auto-syncs/auto-updates skills and hooks from a central dashboard (deployed remotely via an agent key and a curl|bash installer), which together constitute clear data-exfiltration capability and a remote code-deployment/backdoor vector that can push executable hooks or skills to end users.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill instructs running a remote installer that fetches and immediately executes a script via curl -fsSL https://raw.githubusercontent.com/zep-us/zeude/main/install.sh | bash ..., which runs remote code at install time and is presented as the supported per-developer installation method (required for the Zeude Shim), so it directly executes external code during runtime.
Issues (4)
W007
HIGHInsecure credential handling detected in skill instructions.
E005
CRITICALSuspicious download URL detected in skill instructions.
E006
CRITICALMalicious code pattern detected in skill scripts.
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata