wcag-audit-operable-keyboard-focus
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW | SAFE
Full Analysis
- Indirect Prompt Injection (LOW): The skill possesses an ingestion surface for untrusted data via the --elements and --json parameters in scripts/validate.js.
- Ingestion points: Element names and identifiers provided via command-line arguments or JSON blobs.
- Boundary markers: Absent; the script processes the input strings directly for keyword matching.
- Capability inventory: None. The script only performs string analysis, logic comparisons, and prints results to stdout. There are no calls to eval(), child_process, fs, or http modules.
- Sanitization: Absent, but unnecessary given the lack of downstream execution capabilities.
- Impact: An attacker could embed instructions in element names (e.g., 'button#submit; ignore previous rules'), but since the script does not execute these strings and only returns them as part of a validation report, the risk is negligible and limited to potential confusion of the agent reading the report.
Audit Metadata