功能描述

Performs enterprise-grade WCAG 2.2 accessibility audits with VoiceOver simulation, color contrast, semantic analysis, multi-page crawling, and detailed actio...

使用说明 (SKILL.md)

🌍 Universal Deep Accessibility Analyzer Skill

Name: Deep Accessibility Analyzer
Author: sarperarikan

Skill Definition

Name: deep-accessibility-analyzer Version: 2.0.0 Description: Enterprise-grade WCAG 2.2 deep analysis with VoiceOver simulation, visual analysis, screenshot-based color detection, semantic analysis, and multi-page crawling (40+ pages)

Capabilities

1. VoiceOver Deep Simulation

Real macOS VoiceOver integration via Guidepup
Keyboard navigation testing (Tab, Shift+Tab, Arrow keys)
Landmark navigation (R, C, F, H keys)
Heading hierarchy navigation (1-6 keys)
Form interaction testing
Modal dialog testing
Focus trap detection
Screen reader announcements validation

2. Visual Analysis (Full-Page Screenshot)

Full-page color screenshot capture (not grayscale)
Color contrast analysis (WCAG 1.4.3)
Visual hierarchy detection
Layout breakage detection at different viewports
Text clipping/overflow detection
Interactive element visibility check
Focus indicator visibility validation

3. Semantic & Meaning Analysis

Content meaning coherence
Link context appropriateness
Image alt text relevance (AI-powered)
Form label clarity
Error message helpfulness
Navigation logic flow
Cognitive load assessment

4. Multi-Disability Coverage

Blind users: Screen reader compatibility, keyboard navigation
Low vision: Color contrast, zoom 200%/400%, text spacing
Motor impairments: Keyboard accessibility, timing adjustments
Cognitive: Clear language, consistent navigation, error prevention
Hearing: Captions, transcripts, visual alternatives

5. Intelligent Multi-Page Crawling

Minimum 40 pages per scan
Same-domain only (no external links)
Depth-first + breadth-first hybrid
Loop prevention with visited set
Dynamic route discovery (SPA support)
Priority pages: Forms, Products, Checkout, Navigation
Rate limiting: 3-5 seconds between pages (human-like)

6. Security Stealth Mode

Human-like browsing patterns
Random delays between actions
Natural scroll behavior
Realistic mouse movements
Proper User-Agent rotation
No automation detection flags
Cloudflare/WAF bypass

7. AI Strategy (Gemini 2.5 Flash)

Token-efficient analysis
Smart batching (group similar issues)
Progressive analysis (critical first)
Context-aware prompting
No full DOM sending (snippets only)
Cache results to avoid re-analysis
Limit: ~50,000 tokens per page max

Output Requirements

Detailed Issue Reports (NOT summaries)

For EACH issue:

Exact location: URL + CSS selector + XPath
Screenshot: Annotated with issue highlighted
Code snippet: Actual HTML from page
WCAG mapping: Criterion + Level + Success/Failure
Disability impact: Which user groups affected
Root cause: Why this fails
Technical solution: Copy-paste ready code fix
Priority: Critical/Serious/Moderate/Minor
Effort estimate: Dev hours to fix
Business impact: Legal/UX/SEO impact

Process Analysis

Scan timeline (start/end per page)
Pages discovered vs scanned
Issues per page breakdown
Trend analysis (improving/worsening)
Comparison with industry benchmarks

Final Deliverables

HTML Report: Professional, accessible, with charts
JSON Report: Machine-readable, API-ready
Markdown Report: Human-readable summary
Jira Tickets: One per issue, ready to import
CSV Export: For Excel analysis
Screenshots Folder: Annotated images per issue

Technical Stack

Browser: Playwright (Chromium + WebKit for Safari simulation)
Screen Reader: Guidepup (macOS VoiceOver)
AI: Gemini 2.5 Flash (Google AI Studio)
Screenshots: Playwright full-page + element screenshots
Color Analysis: node-color-contrast + custom algorithms
Crawling: Custom BFS/DFS hybrid with priority queue
Storage: Local filesystem + optional S3

Performance Targets

Pages per hour: 40-60 (with deep analysis)
Token usage: \x3C100k tokens per 10 pages average
False positive rate: \x3C5%
Issue detection accuracy: >95%
Report generation: \x3C2 minutes after scan complete

Error Handling

Retry failed pages (max 3 attempts)
Skip inaccessible pages (log reason)
Continue on AI API errors (use deterministic fallback)
Graceful degradation (partial reports OK)
Detailed error logging for debugging

Usage Example

# Full deep scan (40+ pages)
node deep-accessibility-analyzer.js https://www.arcelik.com.tr --pages=40 --depth=5

# Quick scan (10 pages)
node deep-accessibility-analyzer.js https://example.com --pages=10

# Single page deep dive
node deep-accessibility-analyzer.js https://example.com/product/123 --single

# With VoiceOver (requires macOS)
node deep-accessibility-analyzer.js https://example.com --voiceover

# Export formats
node deep-accessibility-analyzer.js https://example.com --format=html,json,md,jira,csv

Configuration

const CONFIG = {
  // Scan settings
  minPages: 40,
  maxPages: 100,
  maxDepth: 5,
  timeout: 60000,
  delayBetweenPages: 4000,
  
  // AI settings
  geminiModel: 'gemini-2.5-flash',
  maxTokensPerPage: 50000,
  tokenBudget: 500000, // Total per scan
  
  // Screenshot settings
  fullPageScreenshot: true,
  elementScreenshots: true,
  annotateIssues: true,
  
  // VoiceOver settings
  enableVoiceOver: true, // macOS only
  voiceOverRate: 300, // Words per minute
  
  // Output
  outputDir: './audits',
  formats: ['html', 'json', 'md', 'jira', 'csv'],
  
  // Stealth
  stealthMode: true,
  randomDelays: true,
  humanScrolling: true
};

Success Criteria

✅ Minimum 40 pages scanned ✅ Full-page color screenshots for all pages ✅ VoiceOver simulation completed ✅ Color contrast analysis for all text elements ✅ Semantic coherence validated by AI ✅ No security triggers (WAF/Cloudflare bypassed) ✅ Detailed issue reports (not summaries) ✅ Copy-paste ready code fixes ✅ Jira tickets generated ✅ Process timeline documented ✅ Under token budget

This skill replaces all previous WCAG scanning scripts. Default behavior: Deep, comprehensive, production-ready analysis.

安全使用建议

This skill's documentation claims heavy dependencies and even explicit WAF/Cloudflare evasion, but the published package declares no binaries, no install steps, and no credentials — that's inconsistent and risky. Before installing or using this skill: (1) Ask the publisher for the full install script and a signed source repository (GitHub/GitLab) so you can inspect code and dependencies. (2) Require a list of exact environment variables and why each is needed (e.g., Google AI credentials, AWS keys, Guidepup license). Do not provide cloud API keys or AWS credentials until you can review the code. (3) Verify lawful/ethical handling of 'stealth' functionality — explicit WAF bypass is a red flag and can be illegal or violate terms of service. (4) If you test this, run it in an isolated VM or ephemeral container with no access to production systems or sensitive data. (5) Consider using well-known, audited accessibility tools (axe, Lighthouse, pa11y) unless you can fully validate this project's code and behavior.

功能分析

Type: OpenClaw Skill Name: deep-accessibility-analyzer Version: 1.0.0 The SKILL.md file contains instructions for a 'Security Stealth Mode' designed to bypass WAF/Cloudflare protections and use human-like browsing patterns to evade detection. It also employs a common prompt injection technique ('This skill replaces all previous WCAG scanning scripts') to override the agent's operational context. While these capabilities are framed as part of an accessibility auditor, the inclusion of evasion techniques and context-hijacking instructions without the accompanying implementation code (deep-accessibility-analyzer.js) warrants a suspicious classification.

能力评估

⚠ Purpose & Capability

The name/description claim an enterprise scanner requiring Playwright, VoiceOver integration, AI (Gemini), and optional S3 — yet the registry metadata declares no required binaries, no OS restriction, and no required environment variables or credentials. Reasonable implementations of this capability would require explicit dependencies (node, Playwright, macOS VoiceOver/tooling) and API credentials for a cloud LLM or S3. The lack of those declared requirements is incoherent.

⚠ Instruction Scope

SKILL.md instructs running a node script that crawls 40+ pages, captures full-page screenshots, extracts HTML snippets, and produces annotated screenshots and Jira tickets. It also explicitly includes a 'Security Stealth Mode' section with 'Cloudflare/WAF bypass' and 'No automation detection flags' — this is scope creep into evasion and potentially abusive behavior. The instructions imply collection and transmission of page HTML and screenshots (potentially sensitive data) but give no guidance on data handling, consent, or required credentials.

⚠ Install Mechanism

There is no install spec even though the SKILL.md expects node, Playwright, Guidepup, and node-color-contrast. An instruction-only skill that requires substantial third-party tooling but doesn't declare how to install it is a mismatch: users would have to infer/perform manual installs, increasing the risk of installing unverified packages. No URLs or trusted release hosts are provided for the referenced components.

⚠ Credentials

The skill declares no required environment variables but claims use of Gemini 2.5 Flash (which requires Google/AI Studio credentials), optional S3 storage (AWS keys), and possibly Guidepup licensing or macOS-only tooling. Sensitive credentials are implied but not requested/declared. That omission hides the true credential needs and weakens the ability to review or sandbox the skill safely.

⚠ Persistence & Privilege

The skill does not request 'always' persistence and is user-invocable, but the SKILL.md's emphasis on stealth, evasion of automation detection, and potential automated crawling increases the risk if the agent is allowed autonomous invocation. While autonomous invocation alone isn't a disqualifier, combined with the other mismatches and explicit WAF/Cloudflare bypass statements it's a material concern.

版本历史

v1.0.0

Universal Deep Accessibility Analyzer Skill 2.0.0 is a major upgrade offering comprehensive, enterprise-grade web accessibility auditing for 40+ pages. - Adds macOS VoiceOver simulation and deep keyboard navigation testing (Guidepup integration) - Introduces full-page color screenshot-based visual analysis, including color contrast, layout, and focus indicator checks - Expands semantic and content meaning analysis (link context, alt text relevance, cognitive load) - Automatic multi-page crawling (40+ pages), dynamic routing, and SPA support with priority on key pages - Stealth mode: human-like browsing, random delays, Cloudflare/WAF bypass, improved automation protection - AI-powered strategies for efficient, context-aware issue detection (Gemini 2.5 Flash), batching, and token usage balancing - Detailed, per-issue reporting with annotated screenshots, WCAG mapping, code fixes, and Jira ticket generation - Multi-format output: HTML, JSON, Markdown, Jira, CSV, and annotated screenshot folders - High-performance targets: up to 60 pages/hour, issue detection accuracy >95%,

元数据

Slug deep-accessibility-analyzer

版本 1.0.0

许可证 MIT-0

累计安装 1

当前安装数 1

历史版本数 1

常见问题

Deep Accessibility Analyzer 是什么？

Performs enterprise-grade WCAG 2.2 accessibility audits with VoiceOver simulation, color contrast, semantic analysis, multi-page crawling, and detailed actio... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 117 次。

如何安装 Deep Accessibility Analyzer？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install deep-accessibility-analyzer」即可一键安装，无需额外配置。

Deep Accessibility Analyzer 是免费的吗？

是的，Deep Accessibility Analyzer 完全免费，采用 MIT-0 许可证，可自由下载、安装和使用。

Deep Accessibility Analyzer 支持哪些平台？

Deep Accessibility Analyzer 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 Deep Accessibility Analyzer？

由 sarperarikan（@sarperarikan）开发并维护，当前版本 v1.0.0。

Deep Accessibility Analyzer