one-search-mcp

Name: one-search-mcp
Author: yokingma

Warning

🚀 OneSearch MCP Server: Web Search & Scraper & Extract, Support agent-browser, SearXNG, Tavily, DuckDuckGo, Bing, etc.

121stars

18forks

TypeScript

Installation

# Add to your Claude Code skills
git clone https://github.com/yokingma/one-search-mcp

Getting Started

Guides for using ai agents skills like one-search-mcp.

Caveman: Cut Claude Token Use by 65%
How agent-side prompt compression works, when to use it, and when not to.
What is an AI Skills Marketplace?
Definitions, how marketplaces work, and how to choose between them in 2026.
Getting Started with AI Skills

Security ReportWarning

Last scanned: 5/30/2026

{
  "issues": [
    {
      "type": "npm-audit",
      "message": "@hono/node-server: @hono/node-server has authorization bypass for protected static paths via encoded slashes in Serve Static Middleware",
      "severity": "high"
    },
    {
      "type": "npm-audit",
      "message": "@modelcontextprotocol/sdk: @modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse",
      "severity": "high"
    },
    {
      "type": "npm-audit",
      "message": "ajv: ajv has ReDoS when using `$data` option",
      "severity": "medium"
    },
    {
      "type": "npm-audit",
      "message": "axios: Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF",
      "severity": "high"
    },
    {
      "type": "npm-audit",
      "message": "brace-expansion: brace-expansion: Zero-step sequence causes process hang and memory exhaustion",
      "severity": "medium"
    },
    {
      "type": "npm-audit",
      "message": "fast-uri: fast-uri vulnerable to path traversal via percent-encoded dot segments",
      "severity": "high"
    },
    {
      "type": "npm-audit",
      "message": "flatted: flatted vulnerable to unbounded recursion DoS in parse() revive phase",
      "severity": "high"
    },
    {
      "type": "npm-audit",
      "message": "follow-redirects: follow-redirects leaks Custom Authentication Headers to Cross-Domain Redirect Targets",
      "severity": "medium"
    },
    {
      "type": "npm-audit",
      "message": "hono: Hono added timing comparison hardening in basicAuth and bearerAuth",
      "severity": "high"
    },
    {
      "type": "npm-audit",
      "message": "minimatch: minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern",
      "severity": "high"
    },
    {
      "type": "npm-audit",
      "message": "path-to-regexp: path-to-regexp vulnerable to Denial of Service via sequential optional groups",
      "severity": "high"
    },
    {
      "type": "npm-audit",
      "message": "picomatch: Picomatch: Method Injection in POSIX Character Classes causes incorrect Glob Matching",
      "severity": "high"
    },
    {
      "type": "npm-audit",
      "message": "postcss: PostCSS has XSS via Unescaped </style> in its CSS Stringify Output",
      "severity": "medium"
    },
    {
      "type": "npm-audit",
      "message": "qs: qs's arrayLimit bypass in comma parsing allows denial of service",
      "severity": "medium"
    },
    {
      "type": "npm-audit",
      "message": "rollup: Rollup 4 has Arbitrary File Write via Path Traversal",
      "severity": "high"
    },
    {
      "type": "npm-audit",
      "message": "undici: Undici: Malicious WebSocket 64-bit length overflows parser and crashes the client",
      "severity": "high"
    },
    {
      "type": "npm-audit",
      "message": "vite: Vite Vulnerable to Path Traversal in Optimized Deps `.map` Handling",
      "severity": "high"
    },
    {
      "type": "npm-audit",
      "message": "ws: ws: Uninitialized memory disclosure",
      "severity": "medium"
    }
  ],
  "status": "WARNING",
  "scannedAt": "2026-05-30T16:31:44.790Z",
  "npmAuditRan": true,
  "pipAuditRan": true
}

README.md

Frequently Asked Questions

What is one-search-mcp?

one-search-mcp is an open-source ai agents skill for AI coding assistants such as Claude Code, Codex CLI, and ChatGPT, built by yokingma. 🚀 OneSearch MCP Server: Web Search & Scraper & Extract, Support agent-browser, SearXNG, Tavily, DuckDuckGo, Bing, etc. It has 121 GitHub stars.

Is one-search-mcp safe to use?

one-search-mcp returned warnings in SkillsLLM's automated security scan. It has no critical vulnerabilities, but review the flagged issues in the Security Report section before adding it to your workflow.

How do I install one-search-mcp?

Clone the repository with "git clone https://github.com/yokingma/one-search-mcp" and add it to your Claude Code skills directory (see the Installation section above).

What programming language is one-search-mcp written in?

one-search-mcp is primarily written in TypeScript. It is open-source under yokingma on GitHub, so you can review or fork the full source.

Are there alternatives to one-search-mcp?

Yes. SkillsLLM lists many other AI Agents skills you can browse and compare side by side. Open the AI Agents category from the badge at the top of this page, or use the Related Skills and comparison links further down to weigh one-search-mcp against similar tools.

Agentic AI for Beginners

Build your first AI agent from scratch - tool use, ReAct pattern, memory, deployment

41 minBeginner

Comments (0)

to leave a comment.

No comments yet. Be the first to share your thoughts!

Related Skills

superpowers

by obra

An agentic skills framework & software development methodology that works.

234,966

laravel-altitude roampal

🚀 OneSearch MCP Server: Web Search & Crawl & Scraper & Content Prep

A Model Context Protocol (MCP) server implementation that integrates with multiple search providers for web search, local browser search, and scraping capabilities with agent-browser.

Features

Web search, scrape, crawl and preprocess content from websites.
Support multiple search engines and web scrapers: SearXNG, Tavily, DuckDuckGo, Bing, Google, Zhipu (智谱), Exa, Bocha (博查), etc.
Local web search (browser search), support multiple search engines: Bing, Google, Baidu, Sogou, etc.
- Use agent-browser for browser automation.
- Free, no API keys required.
Enabled tools: one_search, one_scrape, one_map, one_extract

Migration from v1.1.0 and Earlier

Breaking Changes in v1.1.0:

Firecrawl Removed: The Firecrawl integration has been removed in favor of agent-browser, which provides similar functionality without requiring external API services.
New Browser Requirement: You must install Chromium browser (see Prerequisites section).
Environment Variables: FIRECRAWL_API_URL and FIRECRAWL_API_KEY are no longer used.

What Changed:

one_scrape and one_map now use agent-browser instead of Firecrawl
one_extract now preprocesses multi-URL page content for downstream analysis instead of performing built-in LLM extraction
All browser-based operations are now handled locally, providing better privacy and no API costs

Migration Steps:

Install Chromium browser (see Prerequisites)
Remove FIRECRAWL_API_URL and FIRECRAWL_API_KEY from your environment variables
Update to the latest version: npm install -g one-search-mcp@latest

Prerequisites

Browser Requirement: This server uses agent-browser for web scraping and local search, which requires a Chromium-based browser.

Good News: The server will automatically detect and use browsers already installed on your system:

✅ Google Chrome
✅ Microsoft Edge
✅ Chromium
✅ Google Chrome Canary

If you don't have any of these browsers installed, you can:

# Option 1: Install Google Chrome (Recommended)
# Download from: https://www.google.com/chrome/

# Option 2: Install Microsoft Edge
# Download from: https://www.microsoft.com/edge

# Option 3: Install Chromium via agent-browser
npx agent-browser install

# Option 4: Install Chromium directly
# Download from: https://www.chromium.org/getting-involved/download-chromium/

Installation

Using Claude Code CLI (Recommended)

# Add to Claude Code with default settings (local search)
claude mcp add one-search-mcp -- npx -y one-search-mcp

# Add with custom search provider (e.g., SearXNG)
claude mcp add one-search-mcp -e SEARCH_PROVIDER=searxng -e SEARCH_API_URL=http://127.0.0.1:8080 -- npx -y one-search-mcp

# Add with Tavily API
claude mcp add one-search-mcp -e SEARCH_PROVIDER=tavily -e SEARCH_API_KEY=your_api_key -- npx -y one-search-mcp

Manual Installation

# Install globally (Optional)
npm install -g one-search-mcp

# Or run directly with npx
npx -y one-search-mcp

Local Debugging with MCP Inspector

Use the official MCP Inspector to interactively test tools, resources, and prompts against this server during local development.

# Inspect the TypeScript source entrypoint
npm run inspector

# Inspect the built server entrypoint
npm run inspector:build

# Example with explicit environment variables
ALLOW_PRIVATE_NETWORK=true SEARCH_PROVIDER=local npm run inspector

Using Docker

Docker image includes all dependencies (Chromium browser) pre-installed, no additional setup required.

Pull the image:

# From GitHub Container Registry
docker pull ghcr.io/yokingma/one-search-mcp:latest

# Or from Docker Hub
docker pull zacma/one-search-mcp:latest

Configure with Claude Desktop:

{
  "mcpServers": {
    "one-search-mcp": {
      "command": "docker",
      "args": ["run", "-i", "--rm", "ghcr.io/yokingma/one-search-mcp:latest"],
      "env": {
        "SEARCH_PROVIDER": "local"
      }
    }
  }
}

With custom search provider:

{
  "mcpServers": {
    "one-search-mcp": {
      "command": "docker",
      "args": [
        "run", "-i", "--rm",
        "-e", "SEARCH_PROVIDER=tavily",
        "-e", "SEARCH_API_KEY=your_api_key",
        "ghcr.io/yokingma/one-search-mcp:latest"
      ]
    }
  }
}

Environment Variables

Search Provider

SEARCH_PROVIDER (Optional): The search provider to use, supports searxng, duckduckgo, bing, tavily, google, zhipu, exa, bocha, local, default is local.
SEARCH_API_URL (Optional): The URL of the SearxNG API, or Google Custom Search Engine ID for google.
SEARCH_API_KEY (Optional): The API key for the search provider, required for tavily, bing, google, zhipu, exa, bocha.

// supported search providers
export type SearchProvider = 'searxng' | 'duckduckgo' | 'bing' | 'tavily' | 'google' | 'zhipu' | 'exa' | 'bocha' | 'local';

Browser Network Security

ALLOW_PRIVATE_NETWORK (Optional): Set to true to allow browser-backed tools (one_scrape, one_map, one_extract) to access private, loopback, and link-local network targets. Defaults to false.

Use ALLOW_PRIVATE_NETWORK=true only in trusted deployments. When enabled, prompt injection or untrusted tool inputs can make the MCP process fetch internal services that are otherwise blocked by default.

Search Provider Configuration

Provider	API Key Required	API URL Required	Notes
`local`	No	No	Free, uses browser automation
`duckduckgo`	No	No	Free, no API key needed
`searxng`	Optional	Yes	Self-hosted meta search engine
`bing`	Yes	No	Bing Search API
`tavily`	Yes	No	Tavily API
`google`	Yes	Yes (Search Engine ID)	Google Custom Search
`zhipu`	Yes	No	智谱 AI
`exa`	Yes	No	Exa AI
`bocha`	Yes	No	博查 AI

Configuration for Other MCP Clients

Claude Desktop

Add to your Claude Desktop configuration file:

macOS: ~/Library/Application Support/Claude/claude_desktop_config.json Windows: %APPDATA%\Claude\claude_desktop_config.json

{
  "mcpServers": {
    "one-search-mcp": {
      "command": "npx",
      "args": ["-y", "one-search-mcp"],
      "env": {
        "SEARCH_PROVIDER": "local"
      }
    }
  }
}

Cursor

Add to your mcp.json file:

{
  "mcpServers": {
    "one-search-mcp": {
      "command": "npx",
      "args": ["-y", "one-search-mcp"],
      "env": {
        "SEARCH_PROVIDER": "local"
      }
    }
  }
}

Windsurf

Add to your ./codeium/windsurf/model_config.json file:

{
  "mcpServers": {
    "one-search-mcp": {
      "command": "npx",
      "args": ["-y", "one-search-mcp"],
      "env": {
        "SEARCH_PROVIDER": "local"
      }
    }
  }
}

Self-hosting SearXNG (Optional)

If you want to use SearXNG as your search provider, you can deploy it locally using Docker:

Prerequisites:

Docker installed and running (version 20.10.0 or higher)
At least 4GB of RAM available

Quick Start:

# Clone SearXNG Docker repository
git clone https://github.com/searxng/searxng-docker.git
cd searxng-docker

# Start SearXNG
docker compose up -d

After deployment, SearXNG will be available at http://127.0.0.1:8080 by default.

Configure OneSearch to use SearXNG:

# Set environment variables
export SEARCH_PROVIDER=searxng
export SEARCH_API_URL=http://127.0.0.1:8080

For more details, see the official SearXNG Docker documentation.

Troubleshooting

Browser not found error

If you see an error like "Browser not found", the server couldn't detect any installed Chromium-based browser. Please install one of the following:

Google Chrome: https://www.google.com/chrome/
Microsoft Edge: https://www.microsoft.com/edge
Chromium: https://www.chromium.org/getting-involved/download-chromium/

Or install via agent-browser:

npx agent-browser install

License

MIT License - see LICENSE file for details.