Private Deep Search

Pass

Audited by VirusTotal on May 12, 2026.

Overview

Type: OpenClaw Skill
Name: privatedeepsearch-melt
Version: 1.0.0

The skill bundle is designed for a privacy-first deep research assistant, utilizing a self-hosted SearXNG instance via Docker. The `setup.sh` script correctly initializes the SearXNG configuration by generating a unique secret key and starting the Docker container. The `deep_research.py` script performs web scraping and iterative searches, but all network requests are directed to the local SearXNG instance or legitimate external search engines/websites for content retrieval, with a clear focus on local processing and privacy (e.g., blocking tracking domains). There is no evidence of data exfiltration, malicious execution, persistence mechanisms, prompt injection against the agent, or obfuscation. All actions are transparent and aligned with the stated purpose.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A user may enter sensitive searches believing they never leave the machine, when search engines and fetched websites can still see queries or request metadata.

Why it was flagged

The privacy guide makes an absolute claim that no third party sees queries while also acknowledging that external search engines receive the query and IP information.

Skill content

```
### 2. Self-Hosted = No Logs
- SearXNG runs on YOUR machine
- No third-party sees your queries
...
| **DuckDuckGo** | Your IP*, search query | Nothing else |
```

Recommendation

Treat search queries as shared with external engines and result sites; use a VPN/Tor if needed and avoid searching highly sensitive secrets.

What this means

Other devices that can reach the host may be able to use the SearXNG instance, potentially exposing search activity or abusing the user's network.

Why it was flagged

A Docker Compose port mapping without an explicit 127.0.0.1 bind commonly publishes the service on all host interfaces, which is broader than the localhost-only framing in the documentation.

Skill content

```
ports:
  - "8888:8080"
```

Recommendation

Bind the port to localhost, for example `127.0.0.1:8888:8080`, and use a firewall or access controls if the machine is on an untrusted network.

What this means

Search providers and fetched websites may see queries, URLs requested, IP address, timing, and related metadata.

Why it was flagged

External search providers are part of the intended workflow, so query data leaves the local machine even though the tool is self-hosted.

Skill content

```
melt queries DuckDuckGo, Brave, Startpage, and friends.
```

Recommendation

Do not assume full anonymity; use a VPN or Tor for stronger network privacy and avoid sensitive personal or confidential queries.

What this means

The installed container can change over time, making behavior less reproducible and harder to audit.

Why it was flagged

The setup uses a mutable `latest` container tag, so future installs may run different upstream code than what was reviewed.

Skill content

```
image: searxng/searxng:latest
```

Recommendation

Pin the SearXNG image to a specific version or digest and review updates before applying them.

What this means

The local search service may continue running after a research task finishes.

Why it was flagged

The service is designed to persist and restart in the background until manually stopped.

Skill content

```
restart: unless-stopped
```

Recommendation

Stop the container when not needed, for example with `docker-compose down`, and document cleanup steps for users.