Skip to content

feat: add deeplink actions for recording control and Raycast extension #1814

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
fansifei wants to merge 2 commits into
base: main
Choose a base branch
from

Fix Raycast deeplink JSON encoding and other review issues

aa550d9
Select commit
Loading
Failed to load commit list.
Open

feat: add deeplink actions for recording control and Raycast extension #1814

Fix Raycast deeplink JSON encoding and other review issues
aa550d9
Select commit
Loading
Failed to load commit list.
Superagent Security / Security scan required action May 13, 2026 in 21s

PR requires security review

1 security concern(s) detected.

Details

  1. [MEDIUM] Unauthenticated deeplink action can capture screenshots (apps/desktop/src-tauri/src/deeplink_actions.rs:174)
    Do not expose screenshot capture through a globally invokable URL scheme without a trust check. Require an in-app confirmation, a short-lived nonce issued to trusted clients, or restrict this action to an authenticated IPC channel/Raycast-specific integration before calling take_screenshot.
View more details on Superagent Security