ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Jina Web Fetcher - 网页抓取

使用 Jina AI 抓取网页内容,绕过搜索引擎限制。支持任意URL,支持 Google 搜索结果抓取。

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 882 · 7 current installs · 7 all-time installs
by@xaiohuangningde
MIT-0
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description claim to fetch arbitrary webpages (including Google results) via Jina AI. The SKILL.md shows exactly that: curl to r.jina.ai/http://<target>. That is coherent with the stated purpose, though the explicit claim of 'bypass search engine restrictions' raises legal/ToS concerns rather than a technical incoherence.
!
Instruction Scope
Instructions directly tell the agent to proxy arbitrary URLs through https://r.jina.ai. This means any requested URL (including internal/private addresses or pages requiring auth) and the fetched page contents will be sent to a third party. The SKILL.md does not warn about this, nor does it constrain scope (only public URLs), so the runtime behavior can collect and transmit sensitive data.
Install Mechanism
This is an instruction-only skill with no install steps or code files, so there is no on-disk install risk.
!
Credentials
The skill requests no credentials, but its ability to fetch arbitrary URLs via a remote proxy is disproportionate: it can be used to access internal network endpoints (SSRF) or to exfiltrate private content to r.jina.ai. No environment variables are required or declared, and the SKILL.md does not disclose that data will be sent to a third party.
Persistence & Privilege
No persistent install or 'always' privilege is requested; the skill is user-invocable and uses normal autonomous invocation defaults.
What to consider before installing
This skill simply tells the agent to use r.jina.ai as a proxy to fetch any URL. Before installing or using it consider: 1) Privacy/exfiltration — any URL and page contents you ask to fetch will be relayed to r.jina.ai (including potentially sensitive internal endpoints). 2) SSRF risk — you can inadvertently expose internal services by fetching internal URLs through the proxy. 3) Legal/ToS risk — using a proxy to 'bypass search engine restrictions' may violate site terms of service. 4) If you must use it, avoid sending credentials or private/internal URLs, and verify r.jina.ai's privacy policy or run your own trusted proxy instead. If you need simple public-page fetching, prefer a local fetch method under your control.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
fetchvk970hb0vmjctm0vhgxkh1nkdqx81x01vjinavk970hb0vmjctm0vhgxkh1nkdqx81x01vlatestvk970hb0vmjctm0vhgxkh1nkdqx81x01vscrapervk970hb0vmjctm0vhgxkh1nkdqx81x01vwebvk970hb0vmjctm0vhgxkh1nkdqx81x01v

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

Jina Web Fetcher

使用 Jina AI 服务抓取网页内容。

安装

无需安装,直接使用 curl。

使用

# 抓取任意网页
curl -s "https://r.jina.ai/http://目标URL"

# 抓取 Google 搜索结果
curl -s "https://r.jina.ai/http://www.google.com/search?q=搜索词"

示例

# 抓取 GitHub Trending
curl -s "https://r.jina.ai/http://github.com/trending"

# 抓取 Hacker News
curl -s "https://r.jina.ai/http://news.ycombinator.com"

# 抓取特定文章
curl -s "https://r.jina.ai/http://example.com/article"

注意

  • Google 被封锁时使用 r.jina.ai 仍可能被拦截
  • 大部分网站都可以正常抓取

Files

1 total
Select a file
Select a file to preview.

Comments

Loading comments…