ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Jina CLI

v1.0.0

Reads web content and searches the web using Jina AI Reader API. Use when extracting content from URLs, reading social media posts (X/Twitter), or web search...

0· 82·1 current·1 all-time
by@jackfeng0614-prog

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for jackfeng0614-prog/jina-cli.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Jina CLI" (jackfeng0614-prog/jina-cli) from ClawHub.
Skill page: https://clawhub.ai/jackfeng0614-prog/jina-cli
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install jina-cli

ClawHub CLI

Package manager switcher

npx clawhub@latest install jina-cli
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name and description (web reading/search via Jina Reader API) match the SKILL.md commands, options, and implementation notes (Go CLI, read/search/config). There are no unrelated credentials or surprising capabilities in the feature set itself.
!
Instruction Scope
The SKILL.md instructs installing and running a CLI that will fetch arbitrary URLs and optionally 'forward cookies' and use proxies. The docs also list environment variables and a config path (~/.jina-reader/config.yaml) even though the registry metadata declares no env requirements. The cookie-forwarding option can cause sensitive session data to be sent to the CLI's fetch subsystem or onward to external endpoints; the instructions give the agent discretion to fetch arbitrary URLs and batch process lists, which increases blast radius.
!
Install Mechanism
There is no install spec in the registry, but SKILL.md recommends a curl -fsSL https://raw.githubusercontent.com/.../install.sh | bash installation. Piping an unsigned remote script to bash is high risk (arbitrary code execution). The script is hosted on GitHub raw content (better than an unknown IP, but still unverified and not pinned to a release or checksum).
Credentials
SKILL.md documents several environment variables (API base URLs, timeout, proxy, feature flags). Those are configuration knobs (non-secret) and make sense for a web-reading CLI. However, the registry metadata lists no environment requirements while the instructions reference them — an inconsistency. The explicit cookie-forwarding option is a potential vehicle for exfiltrating secrets if used improperly.
Persistence & Privilege
The skill does not request 'always' presence and there are no declared system-level config modifications in the registry. The only persistence suggested is the CLI's own config file (~/.jina-reader/config.yaml) which is within normal bounds for a user-installed tool.
What to consider before installing
Be cautious. The core functionality (reading URLs, searching) is coherent, but SKILL.md tells you to run an unsigned install script from a GitHub raw URL (curl | bash). That action can execute arbitrary code on your system. Before installing: (1) inspect the install.sh content in the referenced repository (do not run it blind), (2) prefer a release artifact with a checksum or building from source with Go 1.24 if you trust the project, (3) avoid using --cookie / forwarding real session cookies unless you understand where those cookies are sent, (4) review and limit proxy settings and environment variables, and (5) verify the upstream repository and maintainer reputation. If you can't validate the install script and repository, treat this as untrusted software and avoid running it.

Like a lobster shell, security has layers — review code before you run it.

latestvk9726z606nzjsf8q718919mvm584h3bn
82downloads
0stars
1versions
Updated 2w ago
v1.0.0
MIT-0
@jackfeng0614-prog
latest
Download

jina - Web Content Reader & Search

CLI tool for reading web content and performing AI-powered web searches.

Quick start

Install:

curl -fsSL https://raw.githubusercontent.com/geekjourneyx/jina-cli/main/scripts/install.sh | bash

Basic usage:

# Read a URL
jina read --url "https://example.com"

# Search the web
jina search --query "golang latest news"

Commands

CommandPurpose
readExtract and convert content from URLs to LLM-friendly format
searchSearch the web with AI-powered result processing
configManage settings (set/get/list/path)

Read command

Extract content from any URL:

# Basic read
jina read --url "https://example.com"

# Read with image captioning
jina read -u "https://x.com/user/status/123" --with-alt

# Batch process from file
jina read --file urls.txt

# Output as Markdown
jina read -u "https://example.com" --output markdown

# Save to file
jina read -u "https://example.com" --output-file result.md

Response formats

The API can return content in different formats via --format:

  • markdown - Default, LLM-friendly Markdown
  • html - Raw HTML
  • text - Plain text
  • screenshot - URL to a screenshot

Advanced options

# Bypass cache
jina read -u "https://example.com" --no-cache

# Use proxy
jina read -u "https://example.com" --proxy "http://proxy.com:8080"

# CSS selector extraction
jina read -u "https://example.com" --target-selector "article.main"

# Wait for element to load
jina read -u "https://example.com" --wait-for-selector "#content"

# Forward cookies
jina read -u "https://example.com" --cookie "session=abc123"

# POST method for SPA with hash routing
jina read -u "https://example.com/#/route" --post

Search command

Search the web with automatic content fetching from top results:

# Basic search
jina search --query "golang latest news"

# Restrict to specific sites
jina search -q "AI developments" --site techcrunch.com --site theverge.com

# Limit results
jina search -q "climate change" --limit 10

# Output format
jina search -q "news" --output markdown

Site filtering

Use multiple --site flags to restrict search to specific domains:

jina search -q "startup funding" --site techcrunch.com --site theverge.com --site wired.com

Configuration

Config file: ~/.jina-reader/config.yaml

Priority: Command args > Environment vars > Config file > Defaults

Environment variables:

  • JINA_API_BASE_URL - Read API URL (default: https://r.jina.ai/)
  • JINA_SEARCH_API_URL - Search API URL (default: https://s.jina.ai/)
  • JINA_TIMEOUT - Request timeout in seconds (default: 30)
  • JINA_WITH_GENERATED_ALT - Enable image captioning (default: false)
  • JINA_OUTPUT_FORMAT - Output format: json/markdown (default: json)
  • JINA_PROXY_URL - Proxy server URL

Config commands:

# Set configuration
jina config set timeout 60
jina config set with-generated-alt true

# View configuration
jina config list
jina config get timeout
jina config path

Output formats

JSON format (default, machine-readable):

{
  "success": true,
  "data": {
    "url": "https://example.com",
    "content": "# Extracted Content\n\n...",
    "title": "Page Title"
  }
}

Markdown format (human-readable):

jina read -u "https://example.com" --output markdown

Common use cases

Reading social media posts

# X (Twitter) posts
jina read -u "https://x.com/elonmusk/status/123456" --with-alt

# The --with-alt flag enables VLM image captioning for embedded images

Reading articles/blogs

# Standard article
jina read -u "https://blog.example.com/article"

# With specific format
jina read -u "https://example.com" --format text --output markdown

Research workflows

# 1. Search for topic
jina search -q "quantum computing 2025" --limit 10

# 2. Read specific results
jina read --file search_results.txt

Batch processing

Create a file with one URL per line:

cat > urls.txt << EOF
https://example.com/page1
https://example.com/page2
https://x.com/user/status/123
EOF

jina read --file urls.txt --output markdown

Project structure

cli/
├── main.go              # Root command
├── read.go              # read command
├── search.go            # search command
├── config.go            # config command
└── pkg/
    ├── api/client.go    # Jina API HTTP client
    ├── config/          # Config file management
    └── output/          # JSON/Markdown formatter

Implementation notes

  • Go 1.24+ required
  • Zero dependencies except Cobra
  • Single binary distribution
  • Config stored as simple key=value format (no YAML library dependency)

For API details: See cli/pkg/api/client.go

Comments

Loading comments...