Local web search using SearXNG
PassAudited by ClawScan on May 1, 2026.
Overview
The skill appears to only send search queries to a configured SearXNG server, with minor setup metadata inconsistencies users should verify.
This looks like a straightforward SearXNG search helper. Before installing, make sure python3 is available, set SEARXNG_URL to a SearXNG instance you trust, verify the script path if the documented command does not work, and avoid searching for secrets or sensitive private data.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill may fail or be harder to install because the registry does not fully declare its runtime requirements.
This conflicts with SKILL.md and the script, which require python3 and SEARXNG_URL to work. This is a setup/declaration mismatch rather than evidence of malicious behavior.
Required binaries (all must exist): none ... Required env vars: none ... No install spec — this is an instruction-only skill.
Update the registry metadata to declare python3 and SEARXNG_URL, and verify the installed script path before use.
Anything typed as a search query may be visible to the configured SearXNG instance and possibly upstream search engines.
The user’s search query is sent to the configured SearXNG URL. This is the core purpose of the skill, but users should understand the data flow.
params = {"q": query, "format": "json"} ... url = f"{base_url}/search?{urllib.parse.urlencode(params)}"Use a trusted SearXNG instance, prefer HTTPS for non-local deployments, and avoid putting secrets or highly sensitive personal data in search queries.