Accessibility Engine
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: afrexai-accessibility-engine Version: 1.0.0 The skill is designed for accessibility engineering and contains extensive, legitimate content related to WCAG compliance, testing, and remediation. However, it includes `bash` code blocks in `SKILL.md` demonstrating automated accessibility testing tools (`axe`, `pa11y`). While these commands are presented as examples for users and are plausibly needed for the stated purpose, their presence introduces a potential vulnerability. If the OpenClaw agent's execution environment were to automatically interpret and execute such descriptive code blocks, especially with unsanitized user-provided input (e.g., a URL), it could lead to shell injection. This constitutes a 'risky capability' without clear malicious intent, thus classifying it as suspicious rather than malicious.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Users may rely too heavily on the skill for legal compliance decisions without expert review.
The skill uses urgent legal-risk language. This is relevant to accessibility compliance, but it could cause users to over-trust the skill's guidance as definitive legal or audit assurance.
ADA lawsuits in the US hit 4,600+ in 2023. EU EAA enforcement starts June 2025. This is NOT optional.
Use the skill as an accessibility planning and checklist aid, but confirm legal obligations and audit conclusions with qualified accessibility and legal professionals.