ClawHub

Searxng

v1.0.3

Privacy-respecting metasearch using your local SearXNG instance. Search the web, images, news, and more without external API dependencies.

29· 16.7k·390 current·418 all-time
byAvinash Venkatswamy@abk234
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill is a CLI wrapper around a local SearXNG JSON API. Required binary (python3) and included script are consistent with the description. No unrelated cloud credentials, binaries, or config paths are requested.
Instruction Scope
SKILL.md and the script only call the SearXNG HTTP API and print results. They do not read other system files or try to exfiltrate secrets. Note: the instructions and script expect a SEARXNG_URL environment variable (defaulting to http://localhost:8080) — the SKILL.md emphasizes configuring this.
Install Mechanism
No install spec is provided (instruction-only), so nothing is downloaded or executed automatically. The bundle does include a Python script that lists dependencies (httpx, rich) in its header; those are normal for a CLI skill but are not auto-installed by the registry.
Credentials
The skill requires a SEARXNG_URL to operate, which is appropriate. Registry metadata at the top lists 'Required env vars: none' while SKILL.md/metadata indicate SEARXNG_URL is required — this mismatch is a documentation/metadata inconsistency that should be fixed. No sensitive credentials are requested.
Persistence & Privilege
The skill is not always-enabled and does not request elevated or persistent privileges. It does not modify other skills or system-wide settings. Agent autonomous invocation is allowed (platform default) but not combined with any broad credentials or persistence.
Assessment
This skill appears to do exactly what it claims: query a SearXNG instance and display results. Before installing: 1) Ensure SEARXNG_URL points to a trusted instance (local or a public instance you trust); queries go to that host. 2) If you connect to a remote instance, edit the script to enable SSL verification (change verify=False) — the current default disables SSL verification and suppresses warnings to support self-signed certs, which increases MITM risk for remote endpoints. 3) The registry metadata should declare SEARXNG_URL as a required env var; verify your environment or Clawdbot config provides it. 4) Make sure Python (>=3.11 per header) and the listed Python deps (httpx, rich) are installed in a controlled environment. If you need stricter guarantees, inspect the included scripts locally before running them.

Like a lobster shell, security has layers — review code before you run it.

latestvk97dbmjb9ac3a9x8fqyesjn131801y03

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🔍 Clawdis
Binspython3

Comments