ClawHub

SearXNG Metasearch

v1.0.0

Search the web using a self-hosted SearXNG instance. Privacy-respecting metasearch that aggregates results from multiple engines.

1· 1.7k·1 current·1 all-time
by@clockworksquirrel
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description match the provided instructions: all content focuses on installing and querying a self-hosted SearXNG instance. The only declared optional environment variable (SEARXNG_URL) is appropriate for this purpose.
Instruction Scope
SKILL.md instructs creating config files and running docker compose to host SearXNG and shows curl/jq examples for querying the JSON API. It does not instruct reading unrelated system files or exfiltrating data. Two operational cautions: the example settings.yml uses bind_address: 0.0.0.0 (which exposes the service on all interfaces) and a placeholder secret_key "change-me-to-random-string" — both are functional but insecure defaults that the user should change and harden before exposing the service.
Install Mechanism
There is no install spec and no code files — the skill is purely documentation/instructions. Installation is performed by the user via Docker Compose (user-run), so the skill itself does not download or execute code.
Credentials
The skill does not require any credentials or sensitive environment variables. It documents an optional SEARXNG_URL env var for convenience, which is appropriate and proportional to the task.
Persistence & Privilege
always is false and the skill is user-invocable; it does not request persistent platform privileges or attempt to modify other skills or system-wide agent settings. Any files/config created are under the user's control (e.g., ~/Projects/searxng).
Assessment
This skill is an instruction/manual for running SearXNG and appears coherent. Before following it: change the example secret_key to a strong random value; avoid exposing the service publicly (the example binds to 0.0.0.0) unless you place it behind a reverse proxy, enable authentication, and use TLS; run the official searxng Docker image and keep it updated; restrict host firewall rules and Docker network exposure; review the created settings.yml and docker-compose.yml before launching. Because this is instruction-only, the skill itself will not automatically access your machine or credentials — the actions occur only when you run the commands.

Like a lobster shell, security has layers — review code before you run it.

latestvk97863cwnvv672g2zet1vect2h800aq5

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments