Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Multi-Engine Fully Automatic Search Aggregator (多引擎全自动搜索聚合器)

v1.0.3

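Automatically invokes all installed search skills to search in parallel, deduplicates and cross-validates the results, then merges and ranks them to provide the most comprehensive, accurate and real-time search results.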

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for chn012cjus/multi-engine-auto-search.

Install the skill "多引擎全自动搜索聚合器" (chn012cjus/multi-engine-auto-search) from ClawHub.
Skill page: https://clawhub.ai/chn012cjus/multi-engine-auto-search
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install multi-engine-auto-search

ClawHub CLI

npx clawhub@latest install multi-engine-auto-search

Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description (multi-engine aggregator) matches the code: it discovers search-related skills and invokes them to aggregate results. However, SKILL.md refers to Unix-like ~/.openclaw paths while run.py uses hardcoded Windows paths (C:\Users\86195\.openclaw\...), which is an inconsistency. The code also depends on curl.exe for direct Bing fallback even though the registry metadata lists no external binary requirements.
Instruction Scope
The script scans local skill directories and launches each discovered skill as a subprocess, passing the user query and relying on a shared TEMP file (mes_result.json) for child-to-parent communication. This means the aggregator will execute arbitrary installed skill code with the agent user's privileges and will write/read plaintext query files in a shared temp location. The instructions/code also perform direct network requests (Bing via curl) as a fallback. These behaviors can expose sensitive queries to child scripts, other users/processes on the machine (via temp files), or external endpoints.
Install Mechanism
There is no install spec (instruction-only with bundled run.py). That minimizes supply-chain install risk; nothing is downloaded or extracted at install time. However the packaged run.py itself contains the execution logic, so the code shipped with the skill is what will run.
Credentials
The skill declares no required environment variables or credentials, which aligns with its local-aggregation purpose. It does, however, rely implicitly on the system TEMP directory (os.environ.get('TEMP')) and on the presence of curl.exe, neither of which is declared. The script also assumes the ability to read ~/.openclaw/skills (or the Windows equivalent) and execute scripts found there; that is expected for aggregating installed skills but grants broad local access.
Persistence & Privilege
The skill does not request always:true and is user-invocable only. It does spawn unbounded parallel workers in practice (ThreadPoolExecutor with max_workers=len(skills)), which could be large and cause resource exhaustion. It also uses a global temp file name for inter-process communication, creating possible race/symlink attacks or data leakage; but it does not attempt to modify other skills' configurations or request permanent platform privileges.
What to consider before installing
Before installing, consider these risks and mitigations:

  • The aggregator will execute any 'search' skill found in your local skills directories with your user privileges. Audit the installed search skills first — a malicious or compromised skill can read files, network, and exfiltrate queries.
  • The tool writes the query and reads results via shared TEMP files (mes_in.json / mes_result.json). Queries are stored in plaintext in the system temp directory and could be read by other local users/processes; child scripts may also write unexpected data. Prefer running in an isolated account or VM if queries are sensitive.
  • The code contains inconsistent path assumptions (hardcoded Windows user path vs SKILL.md's ~/ paths) and an implicit dependency on curl.exe; it may fail or behave unexpectedly on non-Windows systems.
  • Parallelism uses one worker per discovered skill; if you have many skills this may exhaust resources. The use of a single global temp filename introduces race conditions and possible tampering.

Recommendations: only install if you (a) inspect and trust the local search skills that will be invoked, (b) are comfortable with queries being written to the system temp directory, and (c) can run the aggregator in an isolated environment. If you plan to use it, modify the code to use per-process temp files (securely created), limit concurrency, and avoid hardcoded user paths or undocumented external binary requirements.

Like a lobster shell, security has layers — review code before you run it.

latest vk97e89af3vhkb2ezbzjypwsztx83y9dx
174 downloads
0 stars
4 versions
Updated 3w ago
v1.0.3
MIT-0

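multi-engine-auto-search - All-Engine Automatic Aggregated Search

Features

Automatically discovers all installed search-type skill scripts, calls them in parallel, then aggregates, deduplicates and outputs the results.

Usage

python run.py <keyword>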

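Implementation Logic

  1. Scan the two directories ~/.openclaw/skills/ and ~/.openclaw/workspace/skills/
  2. Find the run.py or scripts/search.py of every skill whose name contains search/web/find/cn/browser
  3. Call each script in parallel with subprocess (passing the keyword + --json)
  4. Read the child processes' JSON results through the shared temporary file mes_result.json
  5. Deduplicate all results by URL
  6. If there are no results at all, automatically fall back to querying Bing directly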

Supported Engines/Skills

Skill                        Script              Status
browser-search-ultimate-cn   run.py              ✅ Available (Bing)
cn-enhanced-search           run.py              ✅ Available (Bing)
auto-all-search              run.py              ✅ Available (Bing)
web-search-plus              scripts/search.py   ⚠️ Requires API key
multi-search-engine          no run.py           ❌ Empty shell

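Technical Details

  • Parallelism: ThreadPoolExecutor, with no limit on the number of workers
  • Child process communication: temporary file (works around Chinese encoding problems with subprocess stdout)
  • Fallback: direct curl to Bing (cn.bing.com)
  • Dependencies: Python 3 standard library + curl.exe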
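
The scan's recommendations (securely created per-process temp files, limited concurrency) applied to the call pattern of steps 3 to 5 and the details above, as an added example that is not the skill's own run.py. The `--out` argument, the worker cap, the timeout and the constructed child script are assumptions made for illustration.

```python
import json, os, subprocess, sys, tempfile
from concurrent.futures import ThreadPoolExecutor

MAX_WORKERS = 4     # fixed cap instead of max_workers=len(skills); assumed value
CHILD_TIMEOUT = 20  # seconds before a hung child is killed; assumed value
# Constructed stand-in for an installed search skill (not a real skill).
CHILD = '''import json, sys
out = sys.argv[sys.argv.index("--out") + 1]
with open(out, "w", encoding="utf-8") as fh:
    json.dump([{"url": "https://example.com/shared"}, {"url": "https://example.com/NAME"}], fh)
'''

def run_skill(script, query, workdir):
    """Run one child skill; it gets its own result file in a private directory."""
    # mkstemp: random name, exclusive create, owner-only (unlike a fixed mes_result.json).
    fd, out_path = tempfile.mkstemp(suffix=".json", dir=workdir)
    os.close(fd)
    try:
        # Hypothetical contract: the child writes its JSON list to the --out path.
        subprocess.run([sys.executable, script, query, "--json", "--out", out_path],
                       timeout=CHILD_TIMEOUT, check=True)
        with open(out_path, encoding="utf-8") as fh:
            data = json.load(fh)
        return data if isinstance(data, list) else []
    except (subprocess.SubprocessError, OSError, ValueError):
        return []  # a failing or hung child must not break the aggregation

def aggregate(scripts, query):
    """Invoke every script with bounded parallelism, then deduplicate by URL."""
    # Directory is private to the user (0700 on POSIX) and deleted on exit.
    with tempfile.TemporaryDirectory(prefix="mes_") as workdir:
        with ThreadPoolExecutor(max_workers=MAX_WORKERS) as pool:
            batches = list(pool.map(lambda s: run_skill(s, query, workdir), scripts))
    seen, merged = set(), []
    for item in (i for b in batches for i in b if isinstance(i, dict)):
        url = item.get("url")
        if isinstance(url, str) and url and url not in seen:
            seen.add(url)
            merged.append(item)
    return merged

def demo():
    with tempfile.TemporaryDirectory() as d:
        paths = [os.path.join(d, n + ".py") for n in ("one", "two")]
        for path, name in zip(paths, ("one", "two")):
            with open(path, "w", encoding="utf-8") as fh:
                fh.write(CHILD.replace("NAME", name))
        return [r["url"] for r in aggregate(paths, "constructed query")]
```

Each child can only overwrite its own result file, and the plaintext results disappear with the directory when `aggregate` returns.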

Output Format

== [Multi-Engine Search] <keyword> ==
[Discovery] Found N search skill(s)
[<skill>] +N
...
== [Core Answer] ==
  Summary 1
  Summary 2
== [Total: N unique | Sources: x, y] ==
N. [source] Title
   Summary
   URL
