Axe DevTools
Pass
Audited by ClawScan on May 10, 2026.
Overview
This skill appears purpose-aligned for axe accessibility testing, but it runs an external Dockerized MCP server with an Axe API key and can send page URLs or HTML snippets to that service.
This skill is reasonable for accessibility testing if you trust the Deque Docker image and are comfortable giving it your AXE_API_KEY. Before installing, confirm Docker execution is allowed in your environment, consider pinning the container image, and avoid scanning or remediating sensitive internal pages unless the data-sharing and credit usage are acceptable.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the skill can start a Docker container on the user's machine.
The skill runs a local Docker command. This is disclosed and purpose-aligned for the axe MCP wrapper, but it means installing the skill enables local process execution when invoked.
const proc = spawn("docker", dockerArgs, { stdio: ["pipe", "pipe", "pipe"] });
Use it only where Docker execution is acceptable, and review the Docker image/source before relying on it in sensitive environments.
Future runs may execute a newer container image than the one the user expected.
The runtime depends on an external Docker image using the mutable latest tag, so the executed server code can change outside the reviewed skill artifacts.
Docker image pulled: `dequesystems/axe-mcp-server:latest`
Prefer pinning a reviewed image version or digest, and verify the publisher before use.
The container can use the user's Axe DevTools subscription and may consume organization credits.
The wrapper reads the user's Axe API key and passes it into the Dockerized MCP server. This is expected for the paid axe service, but it gives the container access to the subscription credential and credits.
const AXE_API_KEY = process.env.AXE_API_KEY; ... "-e", `AXE_API_KEY=${AXE_API_KEY}`
Use a rotatable, appropriately scoped API key and monitor credit usage.
Private page URLs or DOM snippets could be included in requests made through the MCP server.
The remediation command sends element HTML, issue text, and optionally a page URL to the MCP tool. SKILL.md discloses AI-powered remediation, but users should treat this as sharing page details with the axe MCP/provider workflow.
const remArgs = { ruleId, elementHtml, issueRemediation }; if (pageUrl) remArgs.pageUrl = pageUrl;
Avoid using the remediation tool on confidential pages or sensitive HTML unless that data sharing is acceptable under your organization's policy.
