首页龙虾技能列表 › Axe DevTools — 技能工具

Axe DevTools — 技能工具

v4.0.0

[自动翻译] Accessibility testing and remediation using the axe MCP Server. Use when creating or modifying UI code (HTML, JSX, TSX, Vue, Svelte, CSS) to ensure ac...

0· 978·1 当前·1 累计
by @dylanb·MIT-0
下载技能包
License
MIT-0
最后更新
2026/4/10
安全扫描
VirusTotal
可疑
查看报告
OpenClaw
可疑
high confidence
The skill implements an axe MCP Docker-based wrapper and largely matches its stated purpose, but registry metadata omits required env vars and binaries and the runtime will pull/run a third‑party Docker image with your AXE_API_KEY — these mismatches and the secret-exposure risk should be resolved before trusting the skill.
评估建议
Things to consider before installing or running this skill: - Metadata inconsistencies: the registry record claims no required env vars or binaries, but the SKILL.md and scripts require AXE_API_KEY and Docker. Treat the metadata as inaccurate until corrected. - Secret handling: the script passes AXE_API_KEY into a Docker container (dequesystems/axe-mcp-server). That exposes the key to whatever code is in that image. Only proceed if you trust the image owner, or prefer to run a vetted/pinned ima...
详细分析 ▾
用途与能力
The skill's name/description align with the included code and SKILL.md: it calls an axe MCP server to analyze and remediate accessibility issues. However the registry metadata claims no required env vars or binaries while both the README and the script require AXE_API_KEY and Docker (the script spawns `docker run`). This metadata mismatch is an inconsistency.
指令范围
SKILL.md and the wrapper script limit runtime actions to launching a Docker container for the MCP server and sending JSON-RPC commands (analyze/remediate/tools-list). The instructions do not ask to read unrelated files or exfiltrate local data. Note: the skill will pass AXE_API_KEY into the container and honors an optional AXE_SERVER_URL env var (which could point the workload to a custom server).
安装机制
There is no install spec (instruction-only), which is low risk. Runtime behavior will pull/run the Docker image dequesystems/axe-mcp-server:latest. That image is the expected vendor image, but pulling an image at runtime (and using the unpinned :latest tag) has provenance risks — you should trust or pin the image digest before use.
凭证需求
The code and SKILL.md require AXE_API_KEY (and optionally AXE_SERVER_URL) but the registry metadata lists no required env vars. The script injects AXE_API_KEY into a third-party container environment, which is normal for API access but means your secret is handed to that image; ensure the image is trusted and the key is least-privilege. Additionally, the script expects the docker binary to exist but metadata doesn't declare required binaries.
持久化与权限
The skill does not request persistent/always-on presence and does not alter other skill or system configs. It runs on-demand and uses Docker with --rm, so it does not leave persistent processes per the code shown.
安全有层次,运行前请审查代码。

License

MIT-0

可自由使用、修改和再分发,无需署名。

运行时依赖

无特殊依赖

版本

latestv4.0.02026/2/12

**Major update: Rebranded and expanded skill for axe accessibility testing** - Renamed skill to "axe-accessibility" and updated description for clarity. - Now leverages the axe MCP Server for automated accessibility scans and AI-powered remediation. - Added detailed prerequisites (Docker, API key) and usage instructions for new tools: analyze, remediate, and tools-list. - Introduced a step-by-step workflow for integrating accessibility testing into UI development. - Included static review best practices for code without a live preview. - Provided updated support, pricing, and company information.

● 可疑

安装命令 点击复制

官方npx clawhub@latest install axe-devtools
镜像加速npx clawhub@latest install axe-devtools --registry https://cn.clawhub-mirror.com

技能文档

Test web pages for accessibility violations and get AI-powered remediation guidance using the axe DevTools MCP Server.

Prerequisites

  • Docker running locally
  • AXE_API_KEY environment variable set
  • Docker image pulled: dequesystems/axe-mcp-server:latest

Tools

The wrapper script at scripts/axe-mcp.js (Node.js — no extra dependencies) provides two tools:

analyze

Scan a live web page for accessibility violations. Requires a URL (works with localhost).

node scripts/axe-mcp.js analyze

Returns JSON-RPC response. The violations are in result.content[0].text (JSON string) under the data array. Each violation has: rule, impact, description, selector, source, helpUrl.

remediate

Get AI-powered fix guidance for a specific violation. Handles HTML with quotes/brackets safely.

node scripts/axe-mcp.js remediate    [pageUrl]

Returns general_description, remediation, and code_fix in result.content[0].text.

tools-list

List available MCP tools.

node scripts/axe-mcp.js tools-list

Workflow

When modifying UI code and a live page is available:

  • Analyzenode scripts/axe-mcp.js analyze
  • Parse — extract violations from the JSON response
  • Remediate — for each unique rule violation, call remediate with ruleId, element HTML, and issue description
  • Apply — implement the recommended code fixes in source
  • Verify — re-run analyze to confirm zero violations

When no live page is available (static code review), apply accessibility best practices directly:

  • Images: alt text (or alt="" for decorative)
  • Forms: inputs need associated elements
  • Interactive elements: keyboard accessible, visible focus
  • Color contrast: WCAG AA (4.5:1 normal text, 3:1 large text)
  • ARIA: valid, complete, not redundant with native semantics
  • Headings: proper hierarchy (h1 → h2 → h3)
  • Dynamic content: focus management for modals, SPAs, live regions

Notes

  • Each remediate call uses AI credits from your organization's allocation
  • The analyze tool spins up a real browser in Docker — allow ~30s for results
  • Works with localhost URLs for local development testing
Note: Requires a paid Axe DevTools for Web subscription.

Support

For technical support, bug reports, and feature requests:

Pricing & Sales

About Deque

Deque Systems is the trusted leader in digital accessibility.

数据来源:ClawHub ↗ · 中文优化:龙虾技能库
OpenClaw 技能定制 / 插件定制 / 私有工作流定制

免费技能或插件可能存在安全风险,如需更匹配、更安全的方案,建议联系付费定制

了解定制服务