ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

SearXNG Search CLI (Free, Self-hosted, Auto-deploy, Multi-Channel)

v1.2.1

Use self-hosted SearXNG search engine (Free, Self-hosted, Auto-deploy, Multi-Channel). SearXNG is a free meta search engine that aggregates 200+ search engin...

0· 104·0 current·0 all-time
byKinema.@leeshunee
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description match the implementation: the script clones searxng, creates a venv, configures JSON API, starts/stops the webapp, and exposes a search CLI. Required capabilities and files are appropriate for a self-hosting installer/CLI.
Instruction Scope
SKILL.md + ONBOARDING direct the agent/user to run an installer that downloads tools, clones GitHub, edits settings.yml, copies limiter.toml to /etc, and runs systemctl --user. All are within the stated purpose (install/manage SearXNG) but they involve system-level changes and network downloads that increase risk; they also instruct creating sudo symlinks and copying files to /etc which require elevated privileges.
!
Install Mechanism
No formal install spec but the runtime script invokes remote installation: curl -LsSf https://astral.sh/uv/install.sh | sh to install 'uv'. Executing a remote install script from a non-major host and piping it to sh is high risk. The script also git-clones upstream and runs shell commands with shell=True. These are coherent for installing SearXNG but are sensitive operations that should be audited before execution.
Credentials
The skill does not request unrelated credentials or environment variables. It optionally uses SEARXNG_SECRET (reasonable for the service). No extraneous secret exfiltration or unrelated cloud keys are required.
Persistence & Privilege
The skill writes a per-user systemd service and suggests enabling it (systemctl --user enable) and creating system-wide symlinks (/usr/local/bin) and copying files into /etc. Persisting as a user service and installing system files is expected for this installer, but these actions require care (privileged file writes, potential systemd config changes). always:false and normal autonomous invocation are used.
Scan Findings in Context
[no_findings] expected: The provided static scan reported no findings. Manual review did identify high-risk patterns in the script (curl | sh from astral.sh, subprocess.run(..., shell=True), copying to /etc, pkill/systemctl calls). Those patterns can be expected for an installer but increase risk and should be reviewed.
What to consider before installing
This skill appears to do what it claims (install and run a self-hosted SearXNG) but its installer performs sensitive operations: it downloads and executes a remote install script (curl | sh), clones code from GitHub, edits configuration files, copies limiter.toml to /etc (may require sudo), and writes/enables a systemd service. Before installing: (1) do not run the installer on your main machine — prefer a disposable VM or container; (2) inspect the remote install script (https://astral.sh/uv/install.sh) or install 'uv' manually instead of piping to sh; (3) avoid running commands with sudo blindly and review any files copied to /etc; (4) ensure the service is bound to localhost and keep SEARXNG_SECRET private; (5) if you only need search results, prefer connecting to an already-running trusted instance rather than running the install. If you want, I can list the exact lines that are risky or produce a safe alternative set of commands to install in a container.

Like a lobster shell, security has layers — review code before you run it.

latestvk976qk75jx4cs760qjynsa4z2h841jz6

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments