raycast-alfred

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill fetches and displays untrusted, user-generated content from public sources (e.g., GitHub API in src/search-github.tsx and alfred-github-search.py, and arbitrary URLs entered in src/api-tester.tsx), and those responses are parsed and used to drive actions (open URL, copy/clone commands, show response body), so third‑party content can influence tool use and next actions.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.90). The skill includes AppleScript that executes privileged shell commands ("with administrator privileges" to run sudo dscacheutil and killall) and other scripts that modify system settings or kill processes, which pushes the agent to request elevation and change the machine state.