wcag-audit-patterns
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE] (SAFE): No hardcoded credentials, malicious scripts, or exfiltration patterns were found in the skill markdown.
- [Indirect Prompt Injection] (LOW): The skill is designed to audit untrusted external web content, which presents an indirect prompt injection risk. 1. Ingestion points: Source code and UI of websites being audited. 2. Boundary markers: Instructions do not specify delimiters for external content. 3. Capability inventory: Manual and automated tool usage (axe, Lighthouse, WAVE) and documentation generation. 4. Sanitization: No sanitization or validation of the ingested content is defined.
Audit Metadata