I’m thinking about installing an extension off of Magento Connect, but would first like to know if there is a screening process before the extensions are posted to ensure no malicious activity is being perpetrated within the extension’s code.
For free extensions we check for file integrity to make sure that the package works. We check to be sure that it meets all the guidelines, review the landing page url (for paid extensions) but we do not test every extension for functionality.
The best thing to do is look at the extension reviews, read the description completely and make sure that you have a person to contact for support.
It would be difficult to test functionality for every extension as no two setups for CE are alike. With Magento 2.0 extensions (1.5 or higher versions of magento) we provide support for dependencies. You can read more here: http://www.magentocommerce.com/wiki/7_-_magento_connect/differences_in_magento_connect_versions so if there is a problem with the extension you are attempting to install—our system should be able to warn you.
This is why we don’t suggest manual installations and to use Magento Connect.
If you have any questions, I’m rhonda at magento dot com
