If you find a security vulnerability, please open a GitHub Issue with tag "security".

• Never commit API keys to the repository
• Use environment variables or config files outside of git
• The references/mcporter-sample.json shows the config format - never put real keys there

• SearXNG runs locally - your searches stay private
• Cache is stored in /tmp/ - cleared on reboot by default
• No data is sent to external servers (except search engine APIs)

• Run SearXNG in a container for isolation
• Don't expose SearXNG to the public internet without authentication
• Use Docker's built-in security features

• This tool sends queries to third-party search APIs (GLM, GitHub, SearXNG instances)
• Each service has its own privacy policy
• For maximum privacy, run your own SearXNG instance

Check for updates regularly:

git pull origin main