Skills
skills/brettatoms/agent-skills/clojure-symbols/Gen Agent Trust Hub

clojure-symbols

Fail

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructions include the use of sudo to install packages on Arch Linux systems, which represents a privilege escalation risk if executed by an agent.
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions to download and execute a shell script directly from a remote GitHub repository (raw.githubusercontent.com/clj-kondo/clj-kondo) which is not on the trusted vendors list.
  • [REMOTE_CODE_EXECUTION]: The skill relies on the clj-nrepl-eval tool to evaluate arbitrary Clojure code on a running nREPL server, providing a mechanism for full code execution in the target environment.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection. Ingestion points: The agent reads Clojure source files using the Read tool. Boundary markers: No boundary markers or instructions to ignore embedded commands are used when processing file content. Capability inventory: The agent has access to Bash (for running analysis and REPL commands) and Edit (for modifying files) tools. Sanitization: The skill does not provide methods for sanitizing symbol names or file contents before they are interpolated into shell commands or REPL evaluation strings.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 28, 2026, 11:37 AM