Use Case
Security Audit (Sona) is a powerful AI agent skill that extends your assistant with new capabilities. Fail-closed security auditing for OpenClaw/ClawHub skills & repos: trufflehog secrets scanning, semgrep SAST, prompt-injection/persistence signals, and supply-chain hygiene checks before enabling or installing. This guide walks you through installing Security Audit (Sona), configuring it for your setup, and running your first commands, so you can start getting value in minutes.
Install Security Audit (Sona): npx clawhub@latest --dir ~/.claude/skills install sona-security-audit
Restart your AI client (Claude Code, Cursor, Gemini CLI, or OpenClaw)
Type a natural-language request related to AI agents & automation to trigger Security Audit (Sona)
Review the output and refine your prompt for better results
Combine Security Audit (Sona) with other skills to build multi-step workflows
Copy these prompts and use them with your AI agent after installing Security Audit (Sona)
Help me get started with Security Audit (Sona)
What can Security Audit (Sona) do for my AI agent & automation workflow?
Show me an example of using Security Audit (Sona)
Option 1: Install via CLI (recommended)
Recommended (no pre-install needed)
npx clawhub@latest --dir ~/.claude/skills install sona-security-audit
Or via clawhub CLI (if already installed)
clawhub --dir ~/.claude/skills install sona-security-audit
Requires Node.js 18+. No Node? Use Option 2 below to download the ZIP instead.
Option 2: Manual install (no Node required)
Download the ZIP, extract it, and place the folder at the path below. Restart your agent to activate.
Install path
~/.claude/skills/sona-security-audit/
Extract and place the folder at the path above, then restart your agent.