Skill v1.0.0

ClawScan security

accessibility-tester · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 29, 2026, 11:43 AM
Verdict
benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill's instructions and requirements are coherent with an accessibility-testing assistant and it asks for no extra credentials or installs, but the runtime guidance is fairly open-ended about what tools and data it will use.
Guidance
This skill appears coherent for accessibility testing and doesn’t request credentials or install code. Before enabling it broadly, confirm where it will run and what tools it may invoke: ask which automated scanners (axe, pa11y, Lighthouse, etc.) it should use, ensure those tools are available and trusted on the host, and verify the agent’s 'context manager' access scope so it cannot read unrelated sensitive files. If you want tighter control, request the skill be updated to list allowed scanning tools and explicit file/path scope or require the user to provide the scan artifacts instead of letting the agent discover them autonomously.

Review Dimensions

Purpose & Capability
ok: Name, description, and the SKILL.md content are consistent: the instructions focus on WCAG, screen readers, keyboard navigation, and remediation patterns that an accessibility tester would perform. The skill does not request unrelated binaries, environment variables, or config paths.
Instruction Scope
note: Most instructions stay on-topic (analysis, automated scanning, manual verification, remediation, documentation). However, the instructions are broad and sometimes prescriptive without specifying tools or limits — e.g., 'Query context manager for application structure' and 'Run automated scanners' give the agent wide discretion about what data to access and which scanners to run. This vagueness could lead the agent to read project files or invoke external tools not explicitly declared. The SKILL.md does not instruct the agent to access unrelated system paths or secrets.
Install Mechanism
ok: Instruction-only skill with no install spec and no code files. Nothing is downloaded or written to disk by the skill itself, which minimizes install risk.
Credentials
ok: The skill declares no required environment variables, credentials, or config paths. The requested capabilities (testing, remediation) do not require hidden or broad credentials according to the provided metadata.
Persistence & Privilege
ok: 'always' is false and the skill is user-invocable with normal autonomous invocation allowed. The skill does not request permanent presence or system-wide configuration changes in its metadata or instructions.