deer-sense

Pass

Audited by Gen Agent Trust Hub on Mar 2, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides instructions to execute automated accessibility scans using industry-standard command-line tools like axe-core and lighthouse. It also references a local project-based utility called glimpse, which is executed via the uv tool runner to capture screenshots and logs from the target web application.
  • [EXTERNAL_DOWNLOADS]: The skill recommends the use of well-known developer tools and libraries from the npm registry, such as @axe-core/cli, @axe-core/puppeteer, and eslint-plugin-svelte-a11y, to facilitate the auditing process.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it is designed to ingest and process content from external web pages. While this is inherent to its primary function as an accessibility auditor, malicious instructions could potentially be embedded in a website's ARIA attributes or metadata to influence agent behavior.
    • Ingestion points: Target URLs provided for scanning in SKILL.md and references/automated-scanning.md.
    • Boundary markers: No specific delimiters or "ignore instructions" warnings are applied to the external web content being audited.
    • Capability inventory: Includes subprocess execution via npx and uv run for running audit tools.
    • Sanitization: No explicit sanitization or filtering of external web content is mentioned before processing.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 2, 2026, 10:10 AM