linux-at-spi2_skill

This skill securely automates AT-SPI2 interactions on Linux, enabling accessible GTK/Qt automation with strict target validation and audit logging.
  • Shell

25

GitHub Stars

1

Bundled Files

2 months ago

Catalog Refreshed

4 months ago

First Indexed

Readme & install

Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.

Installation

Preview and clipboard use veilstrat where the catalogue uses aiagentskills.

npx veilstrat add skill martinholovsky/claude-skills-generator --skill linux-at-spi2

  • SKILL.md14.3 KB

Overview

This skill provides expert guidance and patterns for safe AT-SPI2 automation on Linux desktops. It focuses on automating GTK and Qt applications via the D-Bus accessibility interface while emphasizing security, performance, and reliability. It is a high-risk capability and includes mandatory controls for system-wide access and input injection.

How this skill works

It inspects the AT-SPI2 accessible object tree and uses session D-Bus calls to query roles, states, text, and actions. The skill shows secure wrappers around pyatspi2/gi.repository.Atspi, event listener registration, and element discovery with timeouts and caching. Every operation is validated against blocklists, permission tiers, and audit logging to prevent sensitive interactions.

When to use it

  • Automating UI flows in desktop applications that expose AT-SPI2 accessible objects.
  • Building assistive-technology integrations that must query UI roles, states, or perform allowed actions.
  • Creating test automation that interacts with UI elements where native APIs are unavailable.
  • Monitoring UI focus and window events while avoiding high-volume event subscriptions.
  • Any automation that requires strict audit trails, permission tiers, and safety checks.

Best practices

  • Enforce permission tiers (read-only, standard, elevated) and block sensitive apps and roles such as password fields.
  • Validate application identity via the desktop registry and maintain an app blocklist before interacting.
  • Apply timeouts, rate limiting, and retry policies for all D-Bus calls to avoid hangs and flooding.
  • Cache frequently accessed nodes with a short TTL and limit search scope to a specific application or role.
  • Register only required AT-SPI2 events (avoid wildcard subscriptions) and log every operation with correlation IDs.

Example use cases

  • Safe extraction of non-sensitive UI labels and states for automated testing in a CI environment.
  • Controlled UI activation for accessibility testing while preventing input into password fields and terminals.
  • Event-driven workflows that respond to window activation and focus changes without registering all events.
  • Automated UI audits that record actions to an audit log for compliance reviews.
  • Asynchronous element discovery and interaction for heavy tree traversals off the main thread.

FAQ

No. Input actions require an elevated permission tier and explicit checks; read-only tiers must never perform actions or text input.

How do I avoid leaking sensitive text like passwords?

Block PASSWORD_TEXT roles, redact names containing secret tokens, and never read or write to fields classified as sensitive.

Which D-Bus bus should I use?

Use the session bus only and validate peer credentials; avoid system bus access for AT-SPI2 operations.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational
linux-at-spi2 skill by martinholovsky/claude-skills-generator | VeilStrat