Back to plugin

Security audit

Agent Searchkit

Security checks across malware telemetry and agentic risk

Overview

Agent Searchkit is a coherent local search tool, but its privacy wording overstates that queries stay on the machine even though it uses SearXNG to reach public search engines.

Install only if you are comfortable with your search queries going to the configured SearXNG instance and its upstream search engines. Do not search secrets, run it with minimal environment credentials, pin the Docker image if possible, and periodically clean local research-run files.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal

Static analysis

Detected: suspicious.dangerous_exec, suspicious.env_credential_access, suspicious.install_untrusted_source

Shell command execution detected (child_process).

Critical
Code
suspicious.dangerous_exec
Location
dist/index.js:3688
Evidence
const child = spawn(command, args, {

Shell command execution detected (child_process).

Critical
Code
suspicious.dangerous_exec
Location
src/index.ts:5155
Evidence
const child = spawn(command, args, {

Environment variable access combined with network send.

Critical
Code
suspicious.env_credential_access
Location
dist/index.js:3690
Evidence
env: process.env,

Environment variable access combined with network send.

Critical
Code
suspicious.env_credential_access
Location
src/index.ts:5157
Evidence
env: process.env,

Install source points to URL shortener or raw IP.

Warn
Code
suspicious.install_untrusted_source
Location
openclaw.plugin.json:13
Evidence
"default": "http://127.0.0.1:8888"