searxng
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The deployment instructions in
SKILL.mdreference the officialsearxng/searxngDocker image. This is a well-known service and the download is essential for the skill's primary functionality. - [COMMAND_EXECUTION]: The
manage.shscript andSKILL.mdinstructions utilize standard Docker and Docker Compose commands to manage the lifecycle of the search service. These operations are restricted to the local environment and are intended for service orchestration. - [PROMPT_INJECTION]: The skill acts as a bridge to a search engine. While it processes data from the web, the script
scripts/search.pyprimarily handles data formatting and does not exhibit patterns of intentional prompt injection or behavioral overrides. - [DATA_EXPOSURE]: Search queries are transmitted to the configured
SEARXNG_URL. By default, this points tolocalhost, ensuring that data remains within the user's local network unless explicitly reconfigured to a remote instance.
Audit Metadata