searxng
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection by fetching and processing external search results via the SearXNG API. Instructions embedded in web pages could potentially influence the agent's behavior.
- Ingestion points: Search snippets and page content returned by the scripts/searxng.py command.
- Boundary markers: Not specified in the metadata or command templates to isolate search results from system instructions.
- Capability inventory: The agent can execute search commands and interpret the results to answer user queries.
- Sanitization: No explicit sanitization or filtering of the retrieved content is defined in the skill configuration.
- [COMMAND_EXECUTION]: The skill executes a local Python script (scripts/searxng.py) via the uv runner to interface with the SearXNG instance. This execution is used for search operations and result retrieval.
Audit Metadata