jina-reader
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches data from Jina AI's public API endpoints (r.jina.ai, s.jina.ai, g.jina.ai) using
curlto extract content, search the web, or fact-check claims.\n- [DATA_EXFILTRATION]: User-provided URLs and search queries are sent to Jina AI's external infrastructure. This behavior is functional and necessary for the tool's primary purpose of web content extraction and helps mask the user's server IP.\n- [PROMPT_INJECTION]: The skill processes untrusted web content which presents a surface for indirect prompt injection. The script implementation mitigates risks by usingjqfor URI encoding and safe JSON construction when handling input.\n- [COMMAND_EXECUTION]: Script parameters are handled securely using shell quoting andjq's argument passing (--arg) to prevent arbitrary command execution within the bash environment.
Audit Metadata