Is echology-io/decompose-mcp safe?

https://github.com/openclaw/skills/tree/main/skills/echology-io/decompose-mcp

89
SAFE

This MCP skill provides text decomposition functionality and behaves as documented. The primary security consideration is the external PyPI dependency, though it uses reasonable supply chain security practices with GitHub Actions and Trusted Publishers.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 90/100 · 25%
Code Execution 75/100 · 20%
Clone Behavior 90/100 · 10%
Canary Integrity 95/100 · 10%
Behavioral Reasoning 85/100 · 5%

Findings (5)

MEDIUM External Python Package Dependency -25

The skill requires installing 'decompose-mcp' from PyPI, which introduces potential supply chain risk. However, the package is published by the same organization using GitHub Actions with Trusted Publishers, providing some security assurance.

LOW Network Permission Required -10

The skill declares network permissions for its decompose_url functionality to fetch and analyze web content. This is appropriate for the documented use case but increases attack surface.

LOW Standard Repository Clone Activity -10

Installation involved expected GitHub connections and git operations. No suspicious network behavior detected during installation process.

LOW Clean Skill Documentation -5

The skill description and documentation contains no obvious prompt injection attempts or malicious instructions. Content is focused on legitimate text decomposition functionality.

INFO Canary Files Intact -5

All monitoring canary files remained intact during skill installation. No evidence of unauthorized credential or sensitive file access by the skill.