🟠 composio-context7

Access up-to-date documentation and code examples for any programming library or framework. Discover the most relevant packages for your projects using reputation and quality scores. Simplify the search for technical information by resolving package names to direct documentation queries.

Field	Value
Grade	C
Risk Score	25
Version	`smithery`
Vendor	Smithery
Source	composio-context7
Scan Date	2026-05-08
Scanner	tooltrust-scanner/v0.3.9

Findings Summary

Severity	Count
Critical	0
High	1
Medium	2
Low	1
Info	2

Detailed Findings

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares db permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟠 🔑 `AS-002` — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🟡 🔑 `AS-002` — Excessive Permission Surface

Severity: Medium

Description: tool declares db permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

Scored using ToolTrust methodology · Raw JSON report

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

🟠 composio-context7

Findings Summary

Detailed Findings

🟡 🔑 `AS-002` — Excessive Permission Surface

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

🟠 🔑 `AS-002` — Excessive Permission Surface

🟡 🔑 `AS-002` — Excessive Permission Surface

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

FilesExpand file tree

composio-context7.md

Latest commit

History

composio-context7.md

File metadata and controls

🟠 composio-context7

Findings Summary

Detailed Findings

🟡 🔑 AS-002 — Excessive Permission Surface

⚪ AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

🟠 🔑 AS-002 — Excessive Permission Surface

🟡 🔑 AS-002 — Excessive Permission Surface

🔵 ⚡ AS-011 — DoS Resilience — Missing Rate Limit / Timeout

⚪ AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

🟡 🔑 `AS-002` — Excessive Permission Surface

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE

🟠 🔑 `AS-002` — Excessive Permission Surface

🟡 🔑 `AS-002` — Excessive Permission Surface

🔵 ⚡ `AS-011` — DoS Resilience — Missing Rate Limit / Timeout

⚪ `AS-014` — DEPENDENCY_INVENTORY_UNAVAILABLE