Skills
skills/southleft/figma-console-mcp-skills/figma-scan-code-accessibility/Gen Agent Trust Hub

figma-scan-code-accessibility

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements a standalone accessibility scanner using well-known, trusted industry-standard libraries: axe-core and jsdom. These are legitimate tools used for development and testing.
  • [SAFE]: File access is restricted to reading HTML files provided by the user via command-line arguments, which is standard functionality for a command-line interface (CLI) tool.
  • [SAFE]: The script configures JSDOM with the runScripts: 'dangerously' option. While this allows scripts within the provided HTML to execute, it is a documented and necessary requirement for the axe-core engine to run its diagnostic rules inside the virtualized DOM environment.
  • [SAFE]: The tool operates entirely locally on the provided HTML strings or files, with no evidence of data exfiltration, credential harvesting, or unauthorized network communication.
  • [SAFE]: No obfuscation, persistence mechanisms, or privilege escalation patterns were detected in the scripts or instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:56 AM
Security Audit — agent-trust-hub — figma-scan-code-accessibility