raycast-extensions
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a documentation resource that provides templates and instructions for developing Raycast extensions. All operations are performed through the official and sandboxed Raycast API.
- [PROMPT_INJECTION]: No patterns designed to override agent behavior, bypass safety filters, or extract system instructions were detected in the skill's markdown or code snippets.
- [EXTERNAL_DOWNLOADS]: The skill references the official
@raycast/apipackage, which is necessary for its stated purpose. No untrusted external dependencies or remote execution patterns were found. - [DATA_EXFILTRATION]: The skill uses Raycast's native
LocalStorageandCachefor data management. No code patterns for unauthorized data access or transmission to external servers were identified. - [COMMAND_EXECUTION]: No shell command execution or subprocess spawning is present. The skill logic is confined to safe UI and utility components provided by the Raycast environment.
- [CREDENTIALS_UNSAFE]: No hardcoded API keys, tokens, or sensitive credentials were found in the skill's code examples or metadata.
Audit Metadata