Is ericsantos/jina-reader safe?

https://github.com/openclaw/skills/tree/main/skills/ericsantos/jina-reader

99
SAFE

The Jina Reader skill is a legitimate web content extraction tool that interfaces with Jina AI's API. It follows good security practices with proper input validation and error handling, with only minor concerns about data transmission to third-party services.

Category Scores

Prompt Injection 100/100 · 30%
Data Exfiltration 95/100 · 25%
Code Execution 100/100 · 20%
Clone Behavior 100/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 98/100 · 5%

Findings (2)

LOW Third-party data transmission -5

URLs and search queries provided to the skill are transmitted to Jina AI's external servers for processing. While this is the intended functionality, users should be aware that sensitive URLs or queries could be exposed to the third-party service.

LOW Potential for reconnaissance -2

When combined with other skills that provide network access, this skill could potentially be used to extract content from internal URLs or perform reconnaissance, though this is not an inherent security flaw of the skill itself.