This skill behaves as advertised (it delegates extraction to r.jina.ai then summarizes the returned markdown), but it will cause your requested URL and the fetched page content to be fetched and processed by a third-party service. Before installing or using it, consider: - Do not send sensitive, private, or internal URLs (intranets, private docs, or cloud metadata endpoints like 169.254.169.254) — doing so can leak secrets or enable SSRF via the remote extractor. - Treat r.jina.ai as an external party: any content fetched for summarization will be disclosed to them. Verify you trust that service or host an extractor locally. - The skill writes to predictable /tmp filenames; if you must use it, prefer changing the workflow to use a secure temporary filename (e.g., mktemp) to avoid collisions or exposure. - If you need to summarize protected content, fetch the page locally (ensuring credentials are handled safely), sanitize/remove sensitive headers or query params, and run a local extraction/parsing step instead of sending the raw URL to a public extractor. If you want a safer alternative, ask for a version that accepts raw HTML you provide (so you control what is sent externally) or for instructions to run a local HTML-to-text tool rather than delegating fetching to r.jina.ai.