Trust Assessment
searxng-bangs received a trust score of 10/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 5 findings: 3 critical, 1 high, 1 medium, and 0 low severity. Key findings include "Network egress to untrusted endpoints", "Suspicious import: urllib.request", and "User queries can be exfiltrated to arbitrary SearXNG instances".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The Manifest Analysis layer scored lowest at 10/100, indicating areas for improvement.
Last analyzed on February 12, 2026 (commit 5acc5677). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (5)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Network egress to untrusted endpoints: HTTP request to raw IP address. Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/rpeters511/searxng-bangs/SKILL.md:121 |
| CRITICAL | Network egress to untrusted endpoints: HTTP request to raw IP address. Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/rpeters511/searxng-bangs/SKILL.md:146 |
| CRITICAL | Network egress to untrusted endpoints: HTTP request to raw IP address. Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/rpeters511/searxng-bangs/scripts/search.py:16 |
| HIGH | User queries can be exfiltrated to arbitrary SearXNG instances: The skill's `scripts/search.py` determines the target SearXNG instance by reading the `SEARXNG_URL` environment variable. If this variable is set to an attacker-controlled server, any search queries made by the agent (which may contain sensitive user data) will be sent to that server, leading to data exfiltration. The `SKILL.md` explicitly documents how to set this environment variable, making it a known configuration point that could be manipulated by a compromised environment or a prompt injection attack capable of setting environment variables. Implement strict validation or whitelisting for `SEARXNG_URL` if possible, or ensure the execution environment prevents unauthorized modification of environment variables. For agent skills, consider if the `SEARXNG_URL` should be a hardcoded value or a configuration parameter passed directly to the skill, rather than relying on potentially mutable environment variables. If configurable, clearly warn users about the security implications of using untrusted endpoints. | LLM | scripts/search.py:12 |
| MEDIUM | Suspicious import: urllib.request. Import of 'urllib.request' detected. This module provides network or low-level system access. Verify this import is necessary. Network and system modules in skill code may indicate data exfiltration. | Static | skills/rpeters511/searxng-bangs/scripts/search.py:9 |