The Agent Skills Directory

[SAFE]: The skill's instructions and code are consistent with its stated purpose of implementing accessibility compliance and performing audits. No malicious patterns, such as prompt injection, persistence, or data exfiltration, were found.- [EXTERNAL_DOWNLOADS]: The scripts/audit_a11y.py script utilizes the requests library to fetch HTML content from user-provided URLs. This network operation is necessary for the skill's primary function of auditing external websites.- [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection because the auditing script ingests untrusted HTML content from external websites. Evidence Chain: 1. Ingestion point: requests.get() in scripts/audit_a11y.py fetches external content. 2. Boundary markers: Absent; the script parses the raw HTML structure. 3. Capability inventory: The script extracts structural metadata and prints it to the console or a JSON file; it does not have the capability to execute the content or access sensitive local files. 4. Sanitization: Absent, as the tool is designed to report on the raw state of external HTML attributes.

israeli-accessibility-compliance