Back to skill

Security audit

Jina Reader

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward Jina Reader helper, but anything you ask it to read, search, or fact-check is sent to Jina's external service.

Install only if you are comfortable sending requested URLs, search queries, CSS selectors, and fact-check text to Jina AI. Avoid private intranet links, secrets, credentials, personal data, regulated data, or confidential business material unless that third-party processing is approved.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill sends URLs, search queries, and fact-check statements to Jina's external service, but the description does not clearly disclose that user inputs are transmitted to a third party. This can lead users to submit sensitive internal URLs, proprietary queries, or confidential claims under the mistaken assumption the processing is local.

Missing User Warnings

Low
Confidence
83% confidence
Finding
The API key setup instructions tell users to provide sensitive credentials via an environment variable or local file without explicitly warning that the skill reads and uses those secrets. Missing credential-handling disclosure increases the chance of accidental exposure, unsafe sharing, or misunderstanding about what the skill accesses locally.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.