For Beginners
What is this tool?
Section titled “What is this tool?”a11y-demo-site is a working reference implementation that shows how to build an automated accessibility testing pipeline with cryptographic proof. It combines two tools — a11y-evidence-engine (scanner) and a11y-assist (verifier + advisor) — into a single script that scans HTML, signs findings, verifies integrity, and produces fix recommendations.
It is a demo, not a framework. The HTML files in this repo contain intentional accessibility bugs so the pipeline always has something to find and verify.
Who is this for?
Section titled “Who is this for?”- Developers learning how to add accessibility checks to their CI/CD pipeline
- QA engineers who want to see what a verified accessibility report looks like
- Accessibility advocates building the case for automated compliance tooling
- Anyone curious about how cryptographic provenance works in practice
Prerequisites
Section titled “Prerequisites”- Node.js 20+ — check with
node --version - Python 3.10+ — check with
python --version - Git — to clone the repository
- Basic terminal skills — you’ll run shell scripts
Your First 5 Minutes
Section titled “Your First 5 Minutes”1. Install the scanner and verifier
Section titled “1. Install the scanner and verifier”npm install -g a11y-evidence-enginepip install a11y-assist2. Clone the demo repo
Section titled “2. Clone the demo repo”git clone https://github.com/mcp-tool-shop-org/a11y-demo-sitecd a11y-demo-site3. Run the pipeline
Section titled “3. Run the pipeline”./scripts/a11y.shYou’ll see output like:
==> Scan (a11y-evidence-engine)==> Ingest + verify provenance (a11y-assist)==> Done4. Inspect the results
Section titled “4. Inspect the results”Open results/a11y-assist/ingest-summary.json — it shows how many findings were detected and whether provenance verification passed.
Open results/a11y-assist/advisories.json — it contains fix recommendations for each violation.
5. Verify demo integrity
Section titled “5. Verify demo integrity”./scripts/check-demo-integrity.shThis confirms the intentional bugs in the HTML files haven’t been accidentally fixed.
Common Mistakes
Section titled “Common Mistakes”-
Missing global npm install —
a11y-evidence-enginemust be installed globally (npm install -g), not locally. The script invokesa11y-engineas a shell command. -
Accidentally fixing the HTML — The demo HTML contains intentional bugs. If you fix them, the pipeline has nothing to find. Use
check-demo-integrity.shto verify the bugs are still present. -
Wrong Python version —
a11y-assistrequires Python 3.10+. Older versions will fail on import. -
Running on Windows without Git Bash — The
a11y.shscript is a bash script. On Windows, use Git Bash, WSL, or another bash-compatible shell. -
Confusing “VERIFIED” with “PASSED” — “Provenance: VERIFIED” means the evidence wasn’t tampered with. It does NOT mean the HTML has no accessibility issues. The pipeline is designed to find issues and prove they’re real.
Next Steps
Section titled “Next Steps”- Getting Started — Detailed prerequisites and installation
- The Pipeline — How the four stages (Scan, Sign, Verify, Advise) work
- Inspecting Results — How to read CI artifacts
Glossary
Section titled “Glossary”| Term | Definition |
|---|---|
| a11y | Short for “accessibility” (a, then 11 letters, then y) |
| WCAG | Web Content Accessibility Guidelines — the international standard for web accessibility |
| Scorecard | A JSON file listing accessibility findings from a scan |
| Finding | A single accessibility violation (e.g., missing alt text on an image) |
| Provenance | Proof of where evidence came from and that it hasn’t been modified |
| Digest | A SHA-256 hash that acts as a fingerprint for a piece of evidence |
| Envelope | The wrapper containing a finding’s digest and metadata |
| Advisory | A fix recommendation generated from a verified finding |