Open Websearch

Name/description (open-websearch setup and focused retrieval) align with the content: SKILL.md details local CLI/daemon, MCP/tool, HTTP endpoint, and source/build workflows that are expected for such a skill. Nothing requested (no env-vars, no binaries, no config paths) is disproportionate to this purpose.

The runtime instructions are detailed and remain within the stated purpose (detect capability, prefer smallest path, ask before installing, validate with 'open-websearch status', use 'search'/'fetchWebContent'/'fetchGithubReadme'). The docs mention optional runtime/config env vars and Playwright/browser-related variables (e.g., PLAYWRIGHT_EXECUTABLE_PATH, PLAYWRIGHT_MODULE_PATH, PLAYWRIGHT_WS_ENDPOINT, PLAYWRIGHT_CDP_ENDPOINT, FETCH_WEB_INSECURE_TLS, SEARCH_MODE) and npm proxy/registry guidance. These references are reasonable as optional configuration or fallbacks, but they do mean the skill may ask to read or set such variables or to install Playwright/browser artifacts if the user consents — the instructions explicitly require confirmation before such actions.

Instruction-only skill with no install spec and no code files; lowest-risk install posture. The only potential installs discussed are user-confirmed npm/Playwright/browser installs, which the SKILL.md explicitly says to ask about before proceeding.

The skill declares no required env vars or credentials. It sensibly documents optional environment variables and proxy settings that may be relevant for specific setup paths. No unrelated credentials or broad access is requested.

always is false and the skill does not request persistent or system-wide privileges. It does not modify other skills or global agent configs by default. It can be invoked autonomously (default behavior), but that is normal and not combined with other red flags here.