Skills
skills/brettatoms/agent-skills/clojure-repl/Gen Agent Trust Hub

clojure-repl

Fail

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The install.sh script downloads and installs multiple CLI tools from an untrusted external GitHub repository: https://github.com/bhauman/clojure-mcp-light.git.
  • [REMOTE_CODE_EXECUTION]: The installation uses bbin install to fetch and install scripts directly from a remote repository. These scripts are then executed on the host system to interact with Clojure REPLs.
  • [COMMAND_EXECUTION]: The skill facilitates the execution of arbitrary Clojure code on running systems via the clj-nrepl-eval tool. This includes the ability to modify application state, reload code, and execute system commands within the REPL context.
  • [DATA_EXPOSURE]: Documentation within SKILL.md provides explicit instructions on how to access sensitive system components, such as database connection pools (:banzai.*.system/datasource) and Integrant system states, which could lead to unauthorized data access if used maliciously.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 28, 2026, 11:36 AM