ClawHub

Searxng Search

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward SearXNG web-search connector, with normal privacy considerations for any configured search endpoint.

Install only if you trust the SearXNG endpoint you configure, preferably using HTTPS for remote servers. Avoid searching secrets or private project data, and merge or back up any existing mcporter config before copying this package's config.json.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Taint TrackingDirect Taint Flow, Variable-Mediated Taint Flow, Credential Exfiltration Chain
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Tainted flow: 'url' from os.environ.get (line 79, credential/environment) → urllib.request.urlopen (network output)

Critical
Category
Data Flow
Content
url = f"{SEARXNG_URL}/search?q={encoded_query}&format=json"
    
    try:
        with urllib.request.urlopen(url, timeout=30) as response:
            data = json.loads(response.read().decode('utf-8'))
            results = data.get('results', [])[:limit]
            return results
Confidence
92% confidence
Finding
with urllib.request.urlopen(url, timeout=30) as response:

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs agents to send search queries to a configurable external SearXNG endpoint but does not warn that prompts, search terms, and possibly sensitive user data will be transmitted off-system. Because the endpoint is user-configurable and may be third-party or self-hosted, this can expose confidential information, enable logging of agent queries, and create SSRF-like risk if pointed at internal services.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The skill forwards user-provided search queries directly to an external SearXNG instance with no user-facing disclosure or consent mechanism. Search terms can contain sensitive prompts, secrets, internal project names, or personal data, so this behavior creates a privacy and data-handling risk even if the endpoint is legitimate.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal