Total downloads: 2584
Favorites: 1
Current installs: 4
Versions: 4
Install in OpenClaw
/install sona-security-audit
Description
Fail-closed security auditing for OpenClaw/ClawHub skills & repos: trufflehog secrets scanning, semgrep SAST, prompt-injection/persistence signals, and supply-chain hygiene checks before enabling or installing.
Safe usage recommendations
This skill appears to be what it says: a conservative, fail-closed repo/skill auditor that runs trufflehog, semgrep, and a custom Python scanner. Before installing or running it:
1) Run it on a quarantined copy of the repository (do not point it at / or sensitive live directories).
2) Inspect and, if needed, edit scripts/security_audit.sh which contains hard-coded paths (/home/virta/...) so it doesn't scan unintended locations.
3) Expect pipx to be installed into your user environment (~/.local/bin); run_audit_json.sh prepends that path.
4) Confirm you want a fail-closed workflow: the tool treats missing manifest/lockfiles/persistence signals as FAIL by design.
5) If you need offline/no-network guarantees, ensure trufflehog/semgrep are run with update checks disabled (the repo notes this) and review semgrep/trufflehog versions before trusting results.
6) If you are uncertain, run the scripts manually on a copy and review the produced JSON before integrating into automated install/promotion flows.
Functional analysis
Type: OpenClaw Skill
Name: sona-security-audit
Version: 0.1.3
This skill is a security auditing tool designed to detect malicious behavior, including prompt injection, data exfiltration, persistence, and supply chain vulnerabilities. The `hostile_audit.py` script explicitly scans for these patterns using regular expressions. The `openclaw-skill.json` manifest declares highly restrictive permissions, denying network access and sensitive filesystem paths, while allowing only necessary read/write access and execution of specific, legitimate security tools (`trufflehog`, `semgrep`, `jq`, `python3`). There is no evidence of intentional harmful behavior or prompt injection attempts against the agent; instead, the skill is designed to identify such threats in other code.
Capability assessment
Purpose & Capability
Name/description (fail-closed security audit) match the declared binaries (trufflehog, semgrep, jq, python3) and the provided scripts implement trufflehog/semgrep runs plus a Python hostile-audit scanner. The requested install packages and subprocess allowances are proportionate to the stated purpose.
Instruction Scope
SKILL.md and scripts instruct the agent to run scripts/run_audit_json.sh <path>, which legitimately reads the target repo/workspace and runs trufflehog/semgrep/hostile_audit.py. The scanner searches file contents for prompt-injection, exfiltration and persistence patterns — expected for this tool. One convenience wrapper (scripts/security_audit.sh) contains hard-coded user-specific paths (e.g., /home/virta/.openclaw/workspace/hybrid_orchestrator) which is an operational oddity you should inspect or edit before using; otherwise instructions do not attempt to transmit findings to external endpoints.
Install Mechanism
Install spec uses apt/brew for jq/trufflehog/semgrep and a shell pipx flow for semgrep (python3 -m pip install --user pipx && pipx install semgrep). These are reasonable but not zero-risk: pipx installs into the user environment (~/.local/bin) and the install script may modify PATH visibility. No opaque downloads or URL shorteners are used.
Credentials
No secrets or unrelated environment variables are requested. The only runtime env var referenced is OPENCLAW_AUDIT_LEVEL (for strictness), and run_audit_json.sh adds $HOME/.local/bin to PATH so pipx-installed binaries are visible. The tool intentionally scans filesystem targets provided by the user — that broad file access is expected for an auditor.
Persistence & Privilege
The skill does not request 'always: true' or elevated persistent presence. It does write temporary files under a tempdir and may write reports to user-specified paths; the manifest/docs describe quarantine/workdir locations. The wrapper script intentionally swallows non-zero exit codes (prints JSON and exits 0) — useful for embedding but something to be aware of when scripting behavior.
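How to use
- Make sure OpenClaw is installed (local or Docker deployment)
- Enter the install command in the chat box: /install sona-security-audit
- Once installation completes, call the Skill by name or use /sona-security-audit to trigger it
- Provide the necessary inputs according to the Skill's parameter description to get structured output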
Version history
v0.1.3
Improve description/summary for discoverability
v0.1.2
Add discovery tags
v0.1.1
Documentation: run scripts via 'bash scripts/...' so installs still work if zip downloads do not preserve executable bits.
v0.1.0
Initial public release.
Metadata
FAQ
What is Security Audit (Sona)?
Fail-closed security auditing for OpenClaw/ClawHub skills & repos: trufflehog secrets scanning, semgrep SAST, prompt-injection/persistence signals, and supply-chain hygiene checks before enabling or installing. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 2584 cumulative downloads to date.
How do I install Security Audit (Sona)?
Run the command "/install sona-security-audit" in the OpenClaw or Claude Code chat box for a one-step install; no additional configuration is needed.
Is Security Audit (Sona) free?
Yes, Security Audit (Sona) is completely free (free and open source) and can be freely downloaded, installed and used.
Which platforms does Security Audit (Sona) support?
Security Audit (Sona) is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.
Who developed Security Audit (Sona)?
It is developed and maintained by virtaava (@virtaava); the current version is v0.1.3.