Jina Web Fetcher - Web Page Fetching

Pass

Audited by VirusTotal on May 11, 2026.

Overview

Type: OpenClaw Skill
Name: jina-web-fetcher
Version: 1.0.0

The skill instructs the AI agent to make external network calls using `curl` to `https://r.jina.ai/` with user-controlled URLs (e.g., `http://目标URL`). This introduces a supply chain risk by relying on an external, third-party service. More critically, it creates a vulnerability for Server-Side Request Forgery (SSRF) against the `r.jina.ai` service if a malicious user provides an internal IP or sensitive URL. Additionally, the direct embedding of user input into a shell command in `SKILL.md` poses a prompt injection risk for the agent if it does not properly sanitize the user-provided URL before execution.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent could fetch arbitrary web pages or search results through a proxy, which may violate site policies or retrieve content the user did not intend to access.

Why it was flagged

The skill intentionally exposes broad arbitrary-URL fetching and describes it as bypassing search-engine restrictions. This is disclosed and aligned with the skill purpose, but it can be misused if applied to sites or searches the user should not scrape.

Skill content

description: 使用 Jina AI 抓取网页内容,绕过搜索引擎限制。支持任意URL,支持 Google 搜索结果抓取。

Recommendation

Use it only for URLs and searches you are allowed to access, avoid automated bulk scraping, and confirm sensitive targets before running the curl command.

What this means

If a URL or search query contains private information, tokens, or sensitive terms, that information may be exposed to the third-party fetch service.

Why it was flagged

All fetched target URLs are sent to the external r.jina.ai service. This is expected for the skill, but it means Jina AI can observe the requested URLs and related query strings.

Skill content

curl -s "https://r.jina.ai/http://目标URL"

Recommendation

Do not use this skill with private intranet URLs, secret-bearing links, access tokens in query strings, or sensitive search queries unless you are comfortable sending them to Jina AI.