Private Search for Your AI Agents

The Problem: Your AI's Search History Is Not Private

When your AI agent searches the web, it's typically using one of these:

• Google Custom Search API — Logged, profiled, $5/1000 queries
• Bing Web Search API — Logged, profiled, $3/1000 queries
• Brave Search API — Better, but still external, still logged

Every query reveals what you're working on. Competitor research? Product ideas? Security vulnerabilities you're investigating? All of it flows through third-party servers.

For personal searches, maybe you don't care. For business-critical AI agents doing competitive research? That's a leak.

The Solution: SearXNG

SearXNG is a self-hosted meta-search engine. It queries multiple search engines (Google, Bing, DuckDuckGo, etc.) and returns aggregated results — but your queries never leave your infrastructure.

How It Works

Your Agent → SearXNG (your server) → Multiple Search Engines
                                    ↓
                              Aggregated results
                                    ↓
                              Your Agent (no logging)

The search engines see requests from your SearXNG server — not your agent, not your queries linked to your identity.

Setup: 10 Minutes to Private Search

Step 1: Docker Compose

Add SearXNG to your docker-compose.yml:

services:
  searxng:
    image: searxng/searxng:latest
    container_name: searxng
    ports:
      - "8080:8080"
    environment:
      - SEARXNG_BASE_URL=http://localhost:8080
    volumes:
      - ./searxng:/etc/searxng:rw
    restart: unless-stopped

Step 2: Configure for API Access

Create searxng/settings.yml:

use_default_settings: true

general:
  debug: false
  instance_name: "Private Search"

search:
  safe_search: 0
  autocomplete: ""
  default_lang: "en"
  formats:
    - html
    - json  # Enable JSON API

server:
  secret_key: "your-secret-key-here"
  limiter: false
  
ui:
  static_use_hash: true

enabled_plugins:
  - 'Hash plugin'
  - 'Tracker URL remover'

Step 3: Start It Up

docker-compose up -d searxng

# Test the API
curl "http://localhost:8080/search?q=test&format=json" | jq '.results[0]'

That's it. Private search in 10 minutes.

Integrating with Your AI Agent

Now your agent needs to use SearXNG instead of Brave/Google. Here's a simple shell wrapper:

#!/bin/bash
# Private search via SearXNG

QUERY="$1"
LIMIT=${2:-5}
SEARXNG_URL=${SEARXNG_URL:-"http://localhost:8080"}

curl -sS "$SEARXNG_URL/search" \
  -G --data-urlencode "q=$QUERY" \
  --data "format=json" | \
  jq -r ".results[:$LIMIT][] | "\(.title)\n\(.url)\n\(.content)\n---""

Usage:

./searxng-search.sh "kubernetes best practices" 3

Fallback Strategy

SearXNG is great, but sometimes it can't reach all engines (rate limits, network issues). We keep Brave Search as a fallback:

1. SearXNG (self-hosted) → Primary, private, free
2. Brave Search API     → Fallback, external, $0.003/query
3. DuckDuckGo HTML      → Emergency, scraping, free

The agent tries SearXNG first. If it fails or returns no results, it falls back to Brave. Most queries never leave our infrastructure.

The Privacy ROI

Going Further

Once you have SearXNG running, consider:

• Local embeddings: Don't send text to OpenAI for vectors
• Local LLMs: Run Qwen/LLaMA for non-critical queries
• VPN egress: Route SearXNG through a VPN for extra anonymity
• Query caching: Cache common queries to reduce external requests

The goal isn't paranoia — it's control. Know what leaves your infrastructure. Minimize what you can't control.

Grab the Blocks

We've extracted the config and scripts into copy-paste blocks. Check the Blocks section for:

• searxng-docker-compose — Full docker-compose.yml
• searxng-agent-skill — The search script for agents

At 48nauts, we run SearXNG for all agent search queries. It's one less thing leaving our infrastructure, one less vendor to trust, and one more piece of our stack we actually control.