a11y-debugging
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches accessibility guidelines from
web.dev, which is a well-known service for web development documentation. - [COMMAND_EXECUTION]: Uses a local Node.js one-liner to filter results from a Lighthouse audit report file generated during the auditing process.
- [REMOTE_CODE_EXECUTION]: Employs
evaluate_scriptto perform targeted accessibility checks within the browser. These scripts are statically defined within the skill and do not fetch or execute arbitrary remote code. - [PROMPT_INJECTION]: Evaluated for indirect prompt injection risks. Ingestion points: Web pages via snapshots and console messages. Boundary markers: None. Capability inventory: Browser-side script execution and local report processing via Node.js. Sanitization: Not explicitly defined. The skill's behavior is limited to data extraction for auditing purposes, presenting a low risk profile.
Audit Metadata