ClawHub

huo15-searxng

v1.1.3

SearXNG 自托管搜索引擎一键部署 - Docker Compose + OpenClaw 配置自动化 (v1.1.0)

0· 6·0 current·0 all-time
byJob Zhao@zhaobod1
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description match the actual behavior: scripts install SearXNG via Docker Compose, detect ports, perform health checks, and configure OpenClaw via an environment variable. Requested binaries (docker, nc) are appropriate for those tasks.
Instruction Scope
The runtime instructions and scripts will create/modify local files: $HOME/docker/searxng and entries in the user's ~/.zshrc (SEARXNG_BASE_URL). All network activity in scripts is local (curl/wget to localhost) or Docker pulling the searxng/searxng:latest image from Docker Hub. There is no code that reads or transmits arbitrary host files or secrets to external endpoints.
Install Mechanism
There is no automated remote install step in the skill bundle (scripts are included in the package). The scripts pull a public Docker image from Docker Hub (searxng/searxng:latest) via docker compose, which is expected for this use case. No downloads from obscure URLs, shorteners, or personal servers were found.
Credentials
The skill does not request credentials or environment variables at install time. It does modify the user's shell profile (~/.zshrc) to add/export SEARXNG_BASE_URL, and scripts read that file to load the variable. Modifying ~/.zshrc is within scope for configuring a locally installed service, but users should expect and review this change.
Persistence & Privilege
The skill does not request always:true and does not change other skills' configs. It does persist configuration/data under $HOME/docker/searxng and writes to ~/.zshrc. This is expected for a local service installer but is a persistent change to the user's environment.
Assessment
This skill appears to do what it says: it will create ~/docker/searxng, render docker-compose.yml and settings, pull the official searxng Docker image, start containers, and add an SEARXNG_BASE_URL line to your ~/.zshrc. Before running or allowing an agent to run it autonomously: 1) Backup your ~/.zshrc (the scripts edit it in-place and do not create a backup). 2) Inspect the included scripts and generated docker-compose/settings to confirm the engine list and settings meet your privacy/legal expectations (e.g., some engines may rely on scraping). 3) Be aware the installer pulls searxng/searxng:latest from Docker Hub — if you require pinned versions, modify the image tag. 4) The scripts use macOS-style sed -i '' in some places which may fail on some Linux systems; run the scripts manually if you prefer to watch and control execution. 5) If you prefer not to have the skill modify your shell profile automatically, run the install script manually and add the SEARXNG_BASE_URL export to your profile yourself. Overall, no evidence of credential exfiltration or contact with unexpected external endpoints was found.

Like a lobster shell, security has layers — review code before you run it.

latestvk979ww1e7zcjc0wcdaanr1srg584q9zx

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🔍 Clawdis
Binsdocker, nc

Comments