Jina Reader
PassAudited by ClawScan on May 1, 2026.
Overview
This is a transparent Jina Reader API wrapper with expected external data sharing and optional API-key use, and no hidden install, persistence, or unrelated actions.
This skill appears safe to install if you are comfortable with Jina AI receiving the URLs, searches, or statements you ask it to process. Set JINA_API_KEY only if you want authenticated usage, and treat that key like any other service credential.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
URLs, searches, and statements you ask the skill to process are shared with Jina AI for extraction, search, or grounding.
The script sends the user-provided URL, search query, or fact-check statement to Jina API endpoints. This is disclosed and core to the skill, but it means Jina receives the submitted content.
curl -sS "${HEADERS[@]}" "https://r.jina.ai/${INPUT}" ... "https://s.jina.ai/${ENCODED_QUERY}" ... -X POST "https://g.jina.ai/" -d "$(jq -n --arg s "$INPUT" '{statement: $s}')"Avoid submitting private/internal URLs or sensitive statements unless you are comfortable with Jina processing them.
If you set JINA_API_KEY, requests made by this skill may count against your Jina account limits or billing.
The script reads the optional JINA_API_KEY environment variable and sends it as a bearer token to Jina. This is expected for the service but gives the skill access to use that key for Jina requests.
API_KEY="${JINA_API_KEY:-}" ... HEADERS+=(-H "Authorization: Bearer $API_KEY")Use a dedicated or revocable Jina API key, avoid exposing it in shared shells or logs, and monitor account usage if cost matters.