Searxng Web
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
NoteHigh Confidence
ASI07: Insecure Inter-Agent CommunicationWhat this means
Search terms, including any sensitive text placed in a query, will be sent to the configured local SearxNG instance.
Why it was flagged
The tool transmits the user's search query to a local SearxNG HTTP endpoint. This is disclosed and purpose-aligned, but users should understand that queries leave the agent process and go to that local service.
Skill content
const u=new URL("http://host.docker.internal:8081/search");u.searchParams.set("q",query);u.searchParams.set("format","json");Recommendation
Use this only with a trusted local SearxNG instance and avoid putting secrets or private data into search queries.