Skip to main content
Scans/github/dealfluence/adeu

dealfluence/adeu

github

Share

Summary

dealfluence/adeu v2026-03-26 was classified as CRITICAL RISK with a risk score of 112. Sigil detected 9 findings across 89 files, covering phases including provenance, network exfiltration, install hooks, obfuscation. Review the findings below before installing this package.

Package description: Agentic DOCX Redlining Engine. Enables LLMs to read Word documents and inject native Track Changes (w:ins, w:del) and Comments without breaking formatting. Includes Model Context Protocol (MCP) Ser...

CRITICAL RISK(112)

v2026-03-26

26 March 2026, 14:17 UTC

by Sigil Bot

Risk Score

112

Findings

9

Files Scanned

89

Provenance

Registry

https://github.com/dealfluence/adeu

Repository

https://github.com/dealfluence/adeu

Scanned From

https://github.com/dealfluence/adeu.git

Findings by Phase

Phase Ordering

Phases are ordered by criticality, with the most dangerous at the top. Click any phase header to expand or collapse its findings. Critical phases are expanded by default.

install-makefile-curl

HIGH

Makefile/script pipes remote content to shell

repo/README.md:22

```bash
curl -LsSf https://astral.sh/uv/install.sh | sh
```
Why was this flagged?

A script or Makefile pipes content from a remote URL directly into a shell (curl | sh or wget | bash). This is inherently dangerous because the remote content can change at any time, and the command runs with the current user's permissions. Rated HIGH because it requires manual execution (unlike install hooks) but still executes arbitrary remote code.

install-makefile-curl

HIGH

Makefile/script pipes remote content to shell

repo/src/adeu/cli.py:91

                "   Install uv first:\n"
                "     macOS/Linux: curl -LsSf https://astral.sh/uv/install.sh | sh\n"
                "     Windows:     powershell -ExecutionPolicy ByPass -c "
Why was this flagged?

A script or Makefile pipes content from a remote URL directly into a shell (curl | sh or wget | bash). This is inherently dangerous because the remote content can change at any time, and the command runs with the current user's permissions. Rated HIGH because it requires manual execution (unlike install hooks) but still executes arbitrary remote code.

Badge

Sigil scan badge for github/dealfluence/adeu

Markdown

[![Sigil Scan](https://sigilsec.ai/badge/github/dealfluence/adeu)](https://sigilsec.ai/scans/D9F83292-03E2-49AD-A714-C830F5575712)

HTML

<a href="https://sigilsec.ai/scans/D9F83292-03E2-49AD-A714-C830F5575712"><img src="https://sigilsec.ai/badge/github/dealfluence/adeu" alt="Sigil Scan"></a>

Run This Scan Yourself

Scan your own packages

Run Sigil locally to audit any package before it touches your codebase.

curl -sSL https://sigilsec.ai/install.sh | sh
Read the docs →Free. Apache 2.0.

Early Access

Get cloud scanning, threat intel, and CI/CD integration.

Join 150+ developers on the waitlist.

Get threat intelligence and product updates

Security research, new threat signatures, and product updates. No spam.

Other github scans

hamedafarag/claudeck

v2026-03-26

CRITICAL RISK724

ZoroSola55/awesome-a2a

v2026-03-26

LOW RISK2

jsboige/jsboige-mcp-servers

v2026-03-26

CRITICAL RISK1365

cmeans/mcp-awareness

v5d469c57

CRITICAL RISK166

zapodeanu/network_platforms_mcp_servers

v2026-03-26

CRITICAL RISK3145.5

Believe this result is incorrect? Request a review or see our Terms of Service and Methodology.

Scanned bySigil Bot
← Back to Scan Database