Searxng Web Search
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: searxng-local-search Version: 0.1.0 The skill bundle describes a web search agent that uses a local `babashka` script to query a self-hosted SearXNG instance. All instructions in `SKILL.md` and documentation in `references/api-guide.md` are consistent with this stated purpose. There is no evidence of data exfiltration, malicious execution, persistence, obfuscation, or prompt injection attempts against the agent. While the skill involves shell execution (`bb`) and network access (to `SEARXNG_URL`), these capabilities are directly required for its stated function as a web search tool and are not indicative of malicious intent based on the provided content.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill may not work as documented, and any separately supplied replacement script would need its own review before use.
The runtime instructions depend on `scripts/search.clj`, but the supplied manifest contains only `SKILL.md` and `references/api-guide.md`, so the runnable helper is not present in the reviewed artifacts.
bb scripts/search.clj "your search query"
Only install or run this skill if the expected `scripts/search.clj` file is supplied from a trusted source and matches the documented behavior.
Search terms may be visible to the configured SearXNG server and, depending on that server's configuration, upstream search engines.
Search queries are sent to the configured SearXNG endpoint. This is expected for the skill's purpose, but the endpoint choice determines who can observe those queries.
Set the `SEARXNG_URL` environment variable to your SearXNG instance
Use a trusted or local SearXNG instance and avoid putting secrets, credentials, or highly sensitive private data into search queries.