Skills
skills/wojons/skills/testing-accessibility/Gen Agent Trust Hub

testing-accessibility

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute various shell commands for accessibility auditing, including npm, npx, and python-based tools.
  • [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection as it processes data from untrusted external URLs.
  • Ingestion points: The skill scans external URLs provided by the user using tools like pa11y, axe, and lighthouse (documented in SKILL.md).
  • Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands within the analyzed website content or the resulting audit reports.
  • Capability inventory: The skill has the capability to execute shell commands and file operations (documented in SKILL.md and scripts/example.sh).
  • Sanitization: No evidence of sanitization or validation of the ingested web content before processing by the agent was found.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 8, 2026, 02:45 PM