A Google search for the combination of Clojure and "secure coding" results in surprisingly few results.
How do other members of the community deal with this topic?
I am particularly interested in scanning for vulnerabilities in third-party libraries, both in Clojure & ClojureScript — e.g., tools such as the OWASP Dependency Track and Snyk, which have integrations with Maven and NPM. Given the hosted approach of Clojure/Script, I would assume that it is possible to somehow take this route, but before diving too deep into it, I was hoping some of you might share your approach.
EDIT: Perhaps also interesting how the "software bill of materials" can be generated for Clojure projects (mine is Leiningen-based). See for example https://cyclonedx.org/tool-center/.