searxng-search
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFE | PROMPT_INJECTION | EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes untrusted content from external web searches.
  - Ingestion points: search results are fetched in scripts/search.py from the configured SearXNG instance.
  - Boundary markers: The skill does not implement delimiters or instructions to the agent to ignore embedded commands in the search snippets.
  - Capability inventory: The skill uses urllib.request for network access in scripts/search.py.
  - Sanitization: There is no sanitization or filtering of the content returned in search snippets.
- [EXTERNAL_DOWNLOADS]: The skill performs outbound network requests to a remote SearXNG instance to fetch search results. The default instance is https://search.981234.xyz. This is the intended behavior of the tool but constitutes an external data dependency.
Audit Metadata