accessibility
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill is focused on improving web accessibility and follows industry-standard WCAG 2.2 guidelines. All documentation and external references point to trusted organizations such as the W3C and Deque Systems.
- [COMMAND_EXECUTION]: The skill uses local shell commands like
catto manage a memory protocol within the.claude/context/memory/directory. This is used solely for maintaining agent state across sessions and does not involve exfiltration or unauthorized access to system-wide files. - [PROMPT_INJECTION]: The skill defines a surface for indirect prompt injection by reading project files. Ingestion points: Project source code is read from
src/**/*.*using theReadtool. Boundary markers: No explicit delimiters or instructions to ignore embedded commands within the analyzed code. Capability inventory: The skill usesRead,Write, andEdittools, which could be targeted by malicious instructions in the code being reviewed. Sanitization: No sanitization is performed on the ingested code content.
Audit Metadata