Jina Reader

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Jina Reader helper, but anything you ask it to read, search, or fact-check is sent to Jina's external service.

Install only if you are comfortable sending requested URLs, search queries, CSS selectors, and fact-check text to Jina AI. Avoid secrets, private intranet links, regulated data, personal data, credentials, or confidential business material unless that third-party processing is acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 94%
Finding:
The skill sends user-supplied URLs, search queries, and fact-check statements to Jina's external API, but the description does not clearly warn users that their inputs leave the local environment. This can lead to accidental disclosure of sensitive URLs, internal references, proprietary search terms, or confidential statements to a third party.

Missing User Warnings

Medium
Confidence: 91%
Finding:
The script sends user-supplied URLs, search queries, and fact-check statements to third-party Jina endpoints, and may also attach a bearer token automatically if present. While this matches the skill's purpose, the lack of prominent disclosure or confirmation can cause users to unknowingly transmit sensitive prompts, internal URLs, or proprietary data off-host to an external service.

VirusTotal

65/65 vendors flagged this skill as clean.
