ClawHub

Openclaw Ask Search

v1.0.0

Web search via self-hosted SearxNG. Aggregates Google, Bing, DuckDuckGo, Brave. Returns title/url/snippet. Zero API key required.

0· 49·1 current·1 all-time
by@sky-lv
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (self-hosted SearxNG search) matches the files and behavior: CLI wrapper, core Python that queries SEARXNG_URL, a docker-compose and searxng settings to run SearxNG. No unrelated credentials or binaries are requested.
Instruction Scope
SKILL.md stays within search/use-of-search boundaries (run ask-search, optionally deep-fetch results). It also documents operational workarounds (SSH SOCKS proxy, systemd service, Playwright) for fetching blocked sites — these are legitimate but are system/network configuration steps that extend beyond simple search and should be applied intentionally by the user (not done automatically).
Install Mechanism
No platform install spec in registry, but the repo includes install.sh that writes a wrapper into a system bin (default /usr/local/bin) and a docker-compose that pulls searxng/searxng:latest. These are expected for this functionality but require the user to run code and pull container images; review before executing and be cautious installing into system paths as root.
Credentials
The only environment variables referenced (SEARXNG_URL, optional SEARXNG_SECRET for the SearxNG container) are proportional to hosting a local SearxNG instance. The registry metadata lists none as required, which aligns with them being optional. No unrelated secrets or cloud credentials are requested.
Persistence & Privilege
Skill does not request always:true and does not attempt to modify other skills or system agent configs. The installer can place a CLI binary in a system path and the README documents adding an MCP server or a systemd SOCKS tunnel if the user chooses — these are optional and user-initiated.
Assessment
This skill appears to be what it says: a thin CLI wrapper for a self-hosted SearxNG. Before installing: (1) review the repository yourself (or the packaged scripts) because install.sh will write a wrapper into a system bin (default /usr/local/bin) and may require elevated privileges; (2) the docker-compose pulls searxng/searxng:latest — verify the image source and set a strong SEARXNG_SECRET; (3) the README suggests creating SSH SOCKS tunnels and a persistent systemd service for residential-proxy deep-fetching — be aware this exposes your home machine to incoming SSH connections and should be configured carefully; (4) if you plan to enable the MCP integration, ensure you understand adding the mcp server to your MCP config and that the mcp package is trusted; (5) if you did not obtain this from a trusted upstream (the repo origin/owner is not provided in the registry metadata), prefer cloning from the original GitHub repo and inspecting commits before running installation steps.

Like a lobster shell, security has layers — review code before you run it.

latestvk97e54q7nj65pyqn0fv1nqj9gh84f6j3

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments