a11y-ally

SUSPICIOUS: the core audit behavior is largely aligned with an accessibility-testing skill, but the footprint is broader than a simple scanner. Autonomous execution, transitive reliance on another skill, runtime third-party script loading, arbitrary-site crawling, remote video downloads, and optional frame upload to Anthropic create medium security risk even without clear malicious intent or credential theft.