raycast

The OpenClaw AgentSkills skill bundle for Raycast extensions is classified as benign. While it exposes powerful Raycast APIs that can access sensitive system resources (e.g., clipboard, browser tabs, file system, window management) and external AI/OAuth services, the documentation and code examples consistently demonstrate their use for legitimate, stated purposes. Crucially, the instructions in `SKILL.md` and API references (e.g., `ai.md`, `browser-extension.md`, `tool.md`) explicitly guide the AI agent to implement security best practices, such as checking `environment.canAccess()` before using restricted APIs and utilizing `Tool.Confirmation` for actions with side-effects. There is no evidence of intentional harmful behavior, data exfiltration to unauthorized endpoints, persistence mechanisms, or obfuscation.