zeet
Warn
Audited by Socket on Apr 3, 2026
1 alert found:
AnomalyAnomalySKILL.md
LOWAnomalyLOW
SKILL.md
SUSPICIOUS. The skill is broadly consistent with Zeet management, and its install path uses an official npm package rather than an unverifiable binary. The main concern is data-flow integrity: Zeet operations and credentials are mediated through Membrane’s proxy/control plane instead of going directly to Zeet, creating a third-party gateway with broad visibility and action capability. This is not confirmed malware, but it carries medium security risk due to proxy-based credential handling and unpinned `latest` execution examples.
Confidence: 86%Severity: 58%
Audit Metadata