Security Classification Lands in Decompose v0.1.1
Which parts of this document carry security implications? Decompose now answers that deterministically.
Here's a question that comes up in every compliance review: which parts of this document carry security implications?
Not "which parts mention the word security." Which parts describe authentication flows, credential handling, transport encryption, or access control boundaries — the sections where a misreading has consequences beyond a confused user.
If you're building an AI system that processes technical specifications, security policies, or regulatory documents, this question isn't optional. It's the first thing an auditor asks.
The Problem with LLM-Only Classification
You can prompt an LLM to read a document and flag security-relevant sections. It will do a reasonable job. It will also take 2-10 seconds per document, cost you API credits on every call, and — critically — give you different results on Tuesday than it gave you on Monday.
That's fine for summarization. It's not fine for security classification. When your pipeline flags a section as security-critical, you need to explain why. "The model thought so" doesn't survive a SOC 2 audit.
What Changed in v0.1.1
Decompose now includes security as a first-class risk category in its classification output. Every semantic unit returned by decompose_text() gets scored across risk dimensions — and security is now one of them.
No API key. No network call. No GPU. The classification runs in single-digit milliseconds on commodity hardware, and it returns the same result every time you run it.
How It Works
Decompose uses deterministic pattern matching — regex-based classification against a structured rule set. It identifies RFC 2119 keywords (MUST, SHALL, SHOULD), maps them to authority levels, and scores risk across categories including the new security dimension.
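The approach described above, sketched as an added example (not Decompose's own code, rule set or output schema): uppercase RFC 2119 keywords map to an authority level, regex rules add security weight, and every result records which rule and pattern produced the score. The rule ids, patterns, weights and authority labels are assumptions made for illustration.

```python
import re

# Illustrative rule set: ids, patterns and weights are assumptions made for
# this example, not Decompose's actual rules or output schema.
AUTHORITY = [  # RFC 2119 keywords are uppercase; negated forms are checked first
    (re.compile(r"\b(MUST NOT|SHALL NOT)\b"), "prohibitive"),
    (re.compile(r"\b(MUST|SHALL|REQUIRED)\b"), "mandatory"),
    (re.compile(r"\b(SHOULD NOT|SHOULD|RECOMMENDED)\b"), "recommended"),
    (re.compile(r"\b(MAY|OPTIONAL)\b"), "permissive"),
]
SECURITY_RULES = [  # (rule id, pattern, weight)
    ("SEC-TRANSPORT", re.compile(r"\bTLS\b|\bcertificate", re.I), 3),
    ("SEC-AUTHN", re.compile(r"\bauthenticat\w*|\bcredentials?\b|\btokens?\b", re.I), 3),
    ("SEC-AUTHZ", re.compile(r"\baccess control\b|\bauthoriz\w*", re.I), 2),
    ("SEC-AUDIT", re.compile(r"\baudit\w*|\blogged\b|\blogging\b", re.I), 1),
]
AUTHORITY_BONUS = {"prohibitive": 2, "mandatory": 2, "recommended": 1}

def classify(unit):
    """Score one text unit and record every rule that contributed."""
    authority = next((lvl for rx, lvl in AUTHORITY if rx.search(unit)), "informational")
    matches = []
    for rule_id, rx, weight in SECURITY_RULES:
        hit = rx.search(unit)
        if hit:
            matches.append({"rule": rule_id, "pattern": rx.pattern,
                            "matched": hit.group(0), "weight": weight})
    score = sum(m["weight"] for m in matches)
    if matches:  # binding language raises the score only for security hits
        score += AUTHORITY_BONUS.get(authority, 0)
    return {"text": unit, "authority": authority,
            "security_score": score, "matches": matches}

def triage(units):
    """Highest score first; sorted() is stable, so ties keep document order."""
    return sorted((classify(u) for u in units), key=lambda r: -r["security_score"])

SAMPLE = [  # constructed sample units
    "The service name is shown in the page footer.",
    "Clients MUST use TLS 1.2 or later and MUST validate the server certificate.",
    "Session tokens SHOULD be rotated every 24 hours.",
    "All access control decisions SHALL be logged for audit.",
]

if __name__ == "__main__":
    for r in triage(SAMPLE):
        rules = ", ".join(f"{m['rule']}:{m['matched']!r}" for m in r["matches"])
        print(f"{r['security_score']:>2}  {r['authority']:<13} {rules or '-'}")
```

Because the keyword patterns are case-sensitive, a lowercase "must" in ordinary prose is not treated as a requirement, and the `matches` list is what answers the auditor's "why was this flagged?" question.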
The security classifier catches:
- Transport and encryption requirements (TLS, certificate validation)
- Authentication and credential handling patterns
- Access control and authorization boundaries
- Data protection and privacy constraints
- Audit and logging requirements
Each unit gets a numeric risk score. Units with security implications surface with higher scores. Your downstream system — whether that's an LLM, a rules engine, or a human reviewer — gets a pre-sorted, pre-classified feed instead of a raw wall of text.
What It Cannot Do
Decompose doesn't understand context. It doesn't know whether TLS 1.2 is sufficient for your threat model or whether 24-hour token rotation is too aggressive for your infrastructure. It can't tell you that a particular authentication scheme has a known vulnerability, or that two sections contradict each other in ways that create a security gap.
That's domain reasoning. An LLM or a human expert handles that.
Decompose handles the mechanical layer: splitting the document into semantic units, classifying each one, scoring risk, and extracting entities. It gives your LLM a structured, deterministic foundation so the LLM can focus on nuance and cross-referencing instead of parsing.
Why This Matters
Every AI document pipeline has the same architecture problem. You need deterministic, reproducible preprocessing before you get to the probabilistic reasoning layer. Security classification makes this sharper — because security-relevant sections are exactly the sections where you need an audit trail, where you need reproducibility, and where "the model said so" is the wrong answer.
If your system processes specs, contracts, policies, or regulatory filings and someone asks "why did it flag this section as security-critical?" — you can point to the rule that matched, the pattern that triggered, and the score that resulted. Deterministically. Every time.
Also in This Release
- Published to the ClawHub marketplace — install directly from OpenClaw
- Added CONTRIBUTING.md and LICENSE (BSD 3-Clause)
- Open Graph and Twitter Card meta tags across all site pages
- Blog post links in README and SKILL.md
44 files changed across 31 commits. The full diff is on GitHub.
Try It
Install from PyPI:
Or add it as an MCP server for Claude Code, Cursor, or any MCP-compatible client:
Source and docs: [github.com/echology-io/decompose](https://github.com/echology-io/decompose)