Skill v1.0.2

ClawScan security

SearXNG Local Search · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 28, 2026, 10:01 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's requirements and runtime instructions match its stated purpose (querying a self-hosted SearXNG instance); nothing requested or described is disproportionate, but be aware that pointing the skill at a remote SEARXNG_URL will send your queries to that endpoint.
Guidance
This skill appears to be what it claims: a simple HTTP-based wrapper for a SearXNG instance. Before installing, decide whether you will run SearXNG locally (recommended) or point the skill at a remote SEARXNG_URL. If you point it at a third-party server, your search queries will be sent to that operator — avoid sending sensitive queries to unknown external instances. If you host locally, follow the included notes: bind to 127.0.0.1, replace the example secret_key with a strong random value, and do not expose the instance to the public internet without HTTPS and access controls.

Review Dimensions

Purpose & Capability
ok: Name/description describe a wrapper for a self-hosted SearXNG instance. The skill requires no credentials, no binaries, and only optionally uses SEARXNG_URL to locate the instance — all are appropriate for the described function.
Instruction Scope
note: SKILL.md defines a single HTTP GET to the SearXNG /search endpoint and documents how to run SearXNG locally (Docker compose). The instructions do not read local files or other environment variables. Note: if the user sets SEARXNG_URL to a remote server, queries (including any sensitive search text) will be transmitted to that endpoint.
Install Mechanism
ok: Instruction-only skill with no install spec and no code files — nothing is written to disk or downloaded by the skill itself.
Credentials
note: No required environment variables or secrets; only an optional SEARXNG_URL to point to the instance. This is proportionate, but the optional URL can direct requests to third-party servers if the user sets it, which may expose queries to that operator.
Persistence & Privilege
ok: Skill is not always-enabled, does not request persistent privileges, and does not modify other skills or system configuration. Agent autonomous invocation is allowed by default (normal) but not elevated by the skill.