raycast-mcp-server
by ExpertVagabond
Overview
Facilitates advanced Raycast workflow automation and integration with AI assistants on macOS by exposing Raycast and system functionalities as tools.
Installation
node dist/index.jsEnvironment Variables
- RAYCAST_API_KEY
- RAYCAST_TEAM_ID
- GITHUB_TOKEN
- NOTION_TOKEN
- FIGMA_TOKEN
- SLACK_TOKEN
- LINEAR_TOKEN
- JIRA_TOKEN
Security Notes
The server has critical security vulnerabilities. It directly executes shell commands (`execAsync`) with user-provided input in several tools (`raycast_extensions publish`, `raycast_search`, `raycast_clipboard copy`, `raycast_shortcut`). This exposes the server to: 1. Path traversal for arbitrary file reading (`raycast_extensions publish`) if `publish_path` is manipulated. 2. AppleScript/shell injection if inputs like `query`, `text`, or `custom_key` contain malicious characters that can break out of quoted strings within the `osascript` or `echo` commands. These vulnerabilities could allow an attacker (or a misbehaving AI) to execute arbitrary commands or read sensitive files on the host system. It is NOT safe to run without significant security fixes, including robust input sanitization and validation, or using safer execution methods that don't directly concatenate user input into shell commands.
Similar Servers
5ire
A desktop AI assistant client that integrates with various LLM providers and connects to Model Context Protocol (MCP) servers for extended tool-use and knowledge base capabilities.
XcodeBuildMCP
Provides an MCP (Model Context Protocol) server for AI agents and other clients to programmatically build, test, run, and debug iOS and macOS applications, manage simulators/devices, and capture logs.
mesh
An open-source control plane for Model Context Protocol (MCP) traffic, providing unified authentication, routing, observability, and tool management for AI agents and integrations across various services.
ncp
NCP acts as a universal adapter and orchestrator for Model Context Protocol (MCP) servers and tools. It provides a unified interface for discovery, execution, and management of diverse tools (local CLI, HTTP APIs, internal plugins/Photons, AI skills) through natural language and structured code interaction, enabling AI agents to interact with the broader digital ecosystem.