← 返回 Skills 市场
93
总下载
0
收藏
0
当前安装
3
版本数
在 OpenClaw 中安装
/install accesslint
功能描述
Web accessibility & WCAG compliance scanner — detects WCAG 2.1 violations, missing ARIA attributes, color contrast issues, keyboard navigation problems, and...
使用说明 (SKILL.md)
\r \r
AccessLint — Web Accessibility & WCAG Compliance Scanner\r
\r AccessLint scans codebases for WCAG 2.1 violations, missing ARIA attributes, color contrast issues, keyboard navigation problems, form accessibility failures, and semantic HTML anti-patterns. It uses regex-based pattern matching against 95+ accessibility patterns across HTML, JSX, Vue, and Svelte templates. Lefthook integration for git hooks, markdown accessibility reports with WCAG success criterion mapping.\r \r
Commands\r
\r
Free Tier (No license required)\r
\r
accesslint scan [file|directory]\r
One-shot accessibility scan of files or directories.\r \r How to execute:\r
bash "\x3CSKILL_DIR>/scripts/accesslint.sh" scan [target]\r
```\r
\r
**What it does:**\r
1. Accepts a file path or directory (defaults to current directory)\r
2. Auto-detects file type from extensions (HTML, JSX, TSX, Vue, Svelte)\r
3. Finds all template/component files that contain markup\r
4. Runs 95+ accessibility patterns against each file\r
5. Calculates an accessibility score (0-100) per file and overall\r
6. Outputs findings with: file, line number, check ID, severity, WCAG criterion, description, recommendation\r
7. Exit code 0 if passing (score >= 70), exit code 1 if issues found\r
8. Free tier limited to 5 files per scan\r
\r
**Example usage scenarios:**\r
- "Scan my code for accessibility issues" -> runs `accesslint scan .`\r
- "Check this component for WCAG violations" -> runs `accesslint scan src/components/Button.tsx`\r
- "Audit my templates for missing ARIA attributes" -> runs `accesslint scan src/`\r
- "Are there any accessibility problems in my frontend?" -> runs `accesslint scan .`\r
\r
### Pro Tier ($19/user/month -- requires ACCESSLINT_LICENSE_KEY)\r
\r
#### `accesslint hooks install`\r
Install git pre-commit hooks that scan staged files for accessibility issues before every commit.\r
\r
**How to execute:**\r
```bash\r
bash "\x3CSKILL_DIR>/scripts/accesslint.sh" hooks install\r
```\r
\r
**What it does:**\r
1. Validates Pro+ license\r
2. Copies lefthook config to project root\r
3. Installs lefthook pre-commit hook\r
4. On every commit: scans all staged template files for accessibility violations, blocks commit if critical/high findings, shows remediation advice\r
\r
#### `accesslint hooks uninstall`\r
Remove AccessLint git hooks.\r
\r
```bash\r
bash "\x3CSKILL_DIR>/scripts/accesslint.sh" hooks uninstall\r
```\r
\r
#### `accesslint report [directory]`\r
Generate a markdown accessibility report with findings, severity breakdown, and WCAG criterion mapping.\r
\r
```bash\r
bash "\x3CSKILL_DIR>/scripts/accesslint.sh" report [directory]\r
```\r
\r
**What it does:**\r
1. Validates Pro+ license\r
2. Runs full scan of the directory\r
3. Generates a formatted markdown report from template\r
4. Includes per-file breakdowns, accessibility scores, WCAG 2.1 success criterion references\r
5. Output suitable for accessibility reviews and compliance audits\r
\r
#### `accesslint audit [directory]`\r
Deep accessibility audit with component analysis and ARIA coverage checks.\r
\r
```bash\r
bash "\x3CSKILL_DIR>/scripts/accesslint.sh" audit [directory]\r
```\r
\r
**What it does:**\r
1. Validates Pro+ license\r
2. Runs all 95+ patterns including framework-specific and dynamic content patterns\r
3. Analyzes component-level accessibility coverage\r
4. Reports ARIA attribute completeness across the codebase\r
5. Provides heading hierarchy and landmark region analysis\r
\r
### Team Tier ($39/user/month -- requires ACCESSLINT_LICENSE_KEY with team tier)\r
\r
#### `accesslint policy [directory]`\r
Enforce organization-specific accessibility policies on codebases.\r
\r
```bash\r
bash "\x3CSKILL_DIR>/scripts/accesslint.sh" policy [directory]\r
```\r
\r
**What it does:**\r
1. Validates Team+ license\r
2. Loads custom policies from ~/.openclaw/openclaw.json (accesslint.config.customPolicies)\r
3. Enforces organization-specific rules (e.g., required ARIA patterns, banned inaccessible patterns, mandatory alt text)\r
4. Combines custom policies with built-in patterns for comprehensive scanning\r
5. Outputs SARIF-compatible results\r
\r
#### `accesslint sarif [directory]`\r
Generate SARIF JSON output for CI/CD integration.\r
\r
```bash\r
bash "\x3CSKILL_DIR>/scripts/accesslint.sh" sarif [directory]\r
```\r
\r
**What it does:**\r
1. Validates Team+ license\r
2. Runs full scan of the directory\r
3. Outputs findings in SARIF 2.1.0 JSON format\r
4. Compatible with GitHub Code Scanning, Azure DevOps, and other SARIF consumers\r
\r
#### `accesslint wcag [directory]`\r
Generate WCAG 2.1 AA/AAA compliance report.\r
\r
```bash\r
bash "\x3CSKILL_DIR>/scripts/accesslint.sh" wcag [directory]\r
```\r
\r
**What it does:**\r
1. Validates Team+ license\r
2. Runs full scan with all patterns\r
3. Maps findings to WCAG 2.1 success criteria (Level A, AA, AAA)\r
4. Generates comprehensive compliance report with pass/fail per criterion\r
5. Includes executive summary, detailed findings, and remediation roadmap\r
\r
#### `accesslint status`\r
Show license and configuration information.\r
\r
```bash\r
bash "\x3CSKILL_DIR>/scripts/accesslint.sh" status\r
```\r
\r
## Detected Violations\r
\r
AccessLint detects 95+ accessibility patterns across 6 categories:\r
\r
| Category | Examples | Severity |\r
|----------|----------|----------|\r
| **Missing ARIA & Roles** | Images without alt, buttons without accessible names, inputs without labels, icon-only buttons without aria-label, SVG without title/role, links with no text content | Critical/High |\r
| **Semantic HTML Issues** | div/span used as button/link, nested interactive elements, heading hierarchy violations, multiple h1 tags, missing lang attribute, missing document title | Critical/High |\r
| **Keyboard Navigation** | Click handlers without keyboard equivalent, mouseOnly events, missing focus styles, tabindex misuse, focus traps without escape | High/Medium |\r
| **Form Accessibility** | Inputs without associated labels, missing fieldset/legend, placeholder-only labels, required fields without aria-required, error messages not linked | Critical/High |\r
| **Color & Visual** | Color-only information, potential low contrast patterns, missing prefers-reduced-motion, animations without motion preference | High/Medium |\r
| **Dynamic Content** | Live regions without aria-live, loading states without announcements, modals without focus management, toast/notification without role=alert | High/Medium |\r
\r
## Configuration\r
\r
Users can configure AccessLint in `~/.openclaw/openclaw.json`:\r
\r
```json\r
{\r
"skills": {\r
"entries": {\r
"accesslint": {\r
"enabled": true,\r
"apiKey": "YOUR_LICENSE_KEY_HERE",\r
"config": {\r
"severityThreshold": "high",\r
"customPolicies": [],\r
"excludePatterns": ["**/test/**", "**/examples/**", "**/storybook/**"],\r
"wcagLevel": "AA",\r
"reportFormat": "markdown"\r
}\r
}\r
}\r
}\r
}\r
```\r
\r
## Important Notes\r
\r
- **Free tier** works immediately with no configuration\r
- **All scanning happens locally** -- no code is sent to external servers\r
- **License validation is offline** -- no phone-home or network calls\r
- Pattern matching only -- no AST parsing, no external dependencies\r
- Supports scanning multiple template formats in a single pass\r
- Git hooks use **lefthook** which must be installed (see install metadata above)\r
- Exit codes: 0 = passing (score >= 70), 1 = issues found (for CI/CD integration)\r
- Addresses WCAG 2.1 Level A, AA, and AAA success criteria\r
\r
## Error Handling\r
\r
- If lefthook is not installed and user tries `hooks install`, prompt to install it\r
- If license key is invalid or expired, show clear message with link to https://accesslint.pages.dev/renew\r
- If a file is binary, skip it automatically with no warning\r
- If no scannable files found in target, report clean scan with info message\r
- If file type cannot be determined from extension, skip the file gracefully\r
\r
## When to Use AccessLint\r
\r
The user might say things like:\r
- "Scan my code for accessibility issues"\r
- "Check for WCAG violations in my frontend"\r
- "Are there any missing ARIA attributes in my components?"\r
- "Audit my templates for accessibility problems"\r
- "Check if my forms have proper labels"\r
- "Scan for keyboard navigation issues"\r
- "Check my React components for a11y issues"\r
- "Generate an accessibility report"\r
- "Set up pre-commit hooks for accessibility"\r
- "Check for missing alt text on images"\r
- "Are there any heading hierarchy problems?"\r
- "Scan for color contrast issues"\r
- "Run WCAG compliance checks on my templates"\r
安全使用建议
This skill appears to be what it claims: a local, regex-based accessibility scanner with optional paid features gated by a license key. Before installing: 1) Confirm you trust the skill source and that the installation path (default ~/.openclaw/skills/accesslint or ACCESSLINT_SKILL_DIR) is secure — git hooks will source scripts from that location on every commit. 2) Expect the tool to read ~/.openclaw/openclaw.json or ACCESSLINT_LICENSE_KEY for license info; if you keep sensitive keys in that config, be aware the skill will read them (only to validate license). 3) The installer asks you to brew install lefthook and requires standard CLI tools (git, bash, grep, find, python3/jq optional). 4) There is no evidence of network exfiltration or calls to external services in the provided scripts. If you need higher assurance, review the shipped scripts (patterns.sh, analyzer.sh, license.sh) yourself and verify that ACCESSLINT_SKILL_DIR is not writable by other users on your system.
功能分析
Type: OpenClaw Skill
Name: accesslint
Version: 1.0.2
AccessLint is a static analysis tool for web accessibility and WCAG compliance. It uses regex-based pattern matching (defined in scripts/patterns.sh) to scan HTML, JSX, Vue, and Svelte files locally. The skill includes functionality for git hook integration via lefthook (scripts/accesslint.sh), report generation, and offline license validation using JWTs (scripts/license.sh). No evidence of data exfiltration, malicious execution, or prompt injection was found; all operations are performed locally on the user-specified directory and the standard OpenClaw configuration file (~/.openclaw/openclaw.json).
能力标签
能力评估
Purpose & Capability
The name/description (WCAG/static template scanning) align with what the skill installs and runs: it contains pattern definitions, an analyzer, and a CLI entrypoint. The declared primary credential (ACCESSLINT_LICENSE_KEY) matches the license checks in license.sh. The brew install lefthook makes sense for the pre-commit hook feature.
Instruction Scope
SKILL.md and the scripts instruct the agent to run local shell scripts that scan files, generate reports, and optionally install git hooks. The runtime code reads ~/.openclaw/openclaw.json (to obtain an apiKey) and may read ACCESSLINT_LICENSE_KEY and optional ACCESSLINT_SKILL_DIR; otherwise it performs local filesystem scanning (find/grep) and pattern matching. There are no instructions to send data to external endpoints or to read unrelated system secrets.
Install Mechanism
Install spec only requests the lefthook Homebrew formula (a common git-hooks manager). The skill's code is included in the package (scripts/*.sh, patterns.sh), so nothing is being fetched from arbitrary URLs at install-time. This is a low-risk, expected install mechanism for the described feature.
Credentials
The only required credential is ACCESSLINT_LICENSE_KEY (primaryEnv), which is appropriate for tiered features. The code also optionally reads ~/.openclaw/openclaw.json (declared in SKILL.md) and will consult environment variables like ACCESSLINT_SKILL_DIR and CLAWHUB_JWT_SECRET if present — these are reasonable for configuration/license verification but are not listed as required env vars in the registry metadata. No unrelated cloud credentials or broad secrets are requested.
Persistence & Privilege
The skill does not request always:true. Hooks install will modify the repository's lefthook.yml and run lefthook install (expected for a pre-commit integration). Note: installed pre-commit hooks execute on each commit and will source the skill's scripts from ACCESSLINT_SKILL_DIR (default ~/.openclaw/skills/accesslint), so ensure that path is trusted and not writable by untrusted users.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install accesslint - 安装完成后,直接呼叫该 Skill 的名称或使用
/accesslint触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.2
Fix: POSIX ERE regex compliance, declare all deps, JWT verification
v1.0.1
Fix: declare all deps, JWT signature verification, configPaths
v1.0.0
Initial release of AccessLint – a web accessibility and WCAG compliance scanner.
- Scans HTML, JSX, Vue, and Svelte files for 95+ accessibility patterns.
- Detects WCAG 2.1 violations, missing ARIA attributes, color contrast, keyboard navigation, and semantic HTML issues.
- Provides one-shot scans, git hook integration, and generates accessibility reports.
- Supports Pro and Team tiers for advanced audit, policy enforcement, and CI/CD reporting (Markdown/SARIF/WCAG compliance reports).
- No external code transmission — all scans and license validation are performed locally.
- Free tier allows scanning up to 5 files without a license.
元数据
常见问题
accesslint 是什么?
Web accessibility & WCAG compliance scanner — detects WCAG 2.1 violations, missing ARIA attributes, color contrast issues, keyboard navigation problems, and... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 93 次。
如何安装 accesslint?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install accesslint」即可一键安装,无需额外配置。
accesslint 是免费的吗?
是的,accesslint 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
accesslint 支持哪些平台?
accesslint 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(darwin, linux, win32)。
谁开发了 accesslint?
由 suhteevah(@suhteevah)开发并维护,当前版本 v1.0.2。
推荐 Skills