ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Accessibility Checker

v1.0.0

Prüft UI-Komponenten auf WCAG-Verstöße, identifiziert Accessibility-Probleme und implementiert Verbesserungen wie ARIA-Labels und Farbkontrast.

0· 60·0 current·1 all-time
by@hupmann86-cell
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description claim auditing and implementing accessibility fixes. The SKILL.md lists audit/identify/fix/test steps, which aligns at a high level, but the skill provides no mechanism (no binaries, no install, no declared editor or repo access) for actually making code changes. Implementing fixes typically requires file read/write or CI integration, which this skill does not document or request.
!
Instruction Scope
The runtime instructions are very short and open-ended: 'scan UI components' and 'implement improvements' without specifying where components live, what files to read, or what tooling to run. That vagueness grants the agent broad discretion (e.g., to read arbitrary project files or ask for external data) and includes language like 'validate with tools like Lighthouse or screenreaders' without declaring those tools as required, which can lead to unexpected actions.
Install Mechanism
No install spec and no code files — lowest-risk from an install perspective. Nothing will be automatically written to disk by the skill itself.
Credentials
The skill requests no environment variables, credentials, or config paths. That is proportionate to an instruction-only skill, but it increases ambiguity about how the agent is expected to access project files or run testing tools.
Persistence & Privilege
always is false and the skill does not request persistent privileges or configuration changes to the agent. It does permit autonomous invocation by default (platform normal), but there are no added persistent privileges declared.
What to consider before installing
This skill reads like a high-level checklist rather than an executable tool. Before installing or using it, ask the author (or the agent) to clarify: 1) How will it access your codebase? (read-only suggestions vs. direct file edits) 2) Which tools will it run (Lighthouse, axe, screenreader automation) and do those require binaries or CI access? 3) Will it open network connections or require credentials? 4) Require explicit prompts/consent before any file-modifying actions and prefer running it in a disposable/test repository or branch. If you need automatic fixes, prefer a skill that declares the exact tools, file access methods, and safety controls (e.g., create a PR rather than editing files directly).

Like a lobster shell, security has layers — review code before you run it.

latestvk970z5ya4hgn9n3hrvm4ht6gh984agwq

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments