searxng-search

The batch script itself is a simple installer but contains strong supply-chain anti-patterns: it fetches and executes a remote PowerShell script with ExecutionPolicy bypass and installs Python packages directly from a remote URL without integrity verification or pinning. The file does not contain in-line malicious code, but it creates a high-risk pathway for arbitrary remote code execution and credential theft via dependencies. Do not run this script unless you trust and have independently verified the remote endpoints and/or obtained cryptographic checksums or signatures for the fetched artifacts. Prefer using vetted package registries, pinned versions with hashes, and avoid piping remote scripts directly to a shell.