Frequently Asked Questions

Everything you need to know about SpiderRating, MCP server security, and protecting your AI agents.

Covering 19 questions based on 15,923 rated MCP servers.

What is SpiderRating?

SpiderRating is an independent security rating platform for MCP servers, Claude skills, and AI tools. We scan every tool in the Model Context Protocol ecosystem and score it on a 0-10 scale called SpiderScore, so developers and enterprises can decide which tools to trust. As of March 2026, we have rated 15,923 MCP servers and skills. Ratings are free to browse at spiderrating.com/servers.

What is MCP (Model Context Protocol)?

MCP (Model Context Protocol) is an open standard created by Anthropic in late 2024 that lets AI assistants like Claude connect to external tools, data sources, and services through a unified interface. An MCP server exposes capabilities (file access, database queries, API calls, code execution) that an AI agent can invoke during a conversation. MCP is now supported by Claude Desktop, Cursor, Continue, Cline, and other AI clients. The ecosystem has grown to over 15,923 public MCP servers on GitHub, npm, and PyPI, which is why independent security ratings have become essential.

Is it safe to install MCP servers from GitHub?

Not all MCP servers are safe — our scans of 15,923 servers show that 64% are missing proper sandbox configuration and only 1.3% earn a B grade or higher. MCP servers run with significant privileges in the user's environment, so a malicious or poorly-written server can steal credentials, exfiltrate data, or execute arbitrary commands. Before installing any MCP server, check its SpiderRating at spiderrating.com/evaluate or browse pre-scanned servers at spiderrating.com/leaderboard/security. Never install MCP servers from unknown authors without an independent security review.

Which MCP servers are the safest to use?

The safest MCP servers are listed on our Most Secure leaderboard at spiderrating.com/leaderboard/security, ranked by security score. As of March 2026, no MCP server has achieved an A grade (9.0+); the top tier is grade B (7.0–8.9), held by only 211 servers (1.3% of the ecosystem). When choosing a server, prefer ones with B grade or higher, active maintenance (commits within the last 90 days), a clear license, and no critical hard-constraint failures. Our top-rated leaderboard combines security with description quality and metadata health.

How is the SpiderScore calculated?

SpiderScore is a 0-10 composite security rating for MCP servers and Claude skills, calculated from three weighted dimensions. For MCP servers the weights are: Description Quality 38% (how clearly tools explain their capabilities to AI agents, across 5 sub-dimensions), Security Analysis 34% (static analysis across 46+ rules for command injection, path traversal, SSRF, credential leakage, prompt injection, and other vulnerabilities), and Metadata Health 28% (license clarity, maintenance signals, GitHub popularity). Claude skills use slightly different weights of 45/35/20. See the full methodology for scoring formulas and sub-signal breakdowns.

What do the letter grades (A through F) mean?

SpiderRating letter grades map directly to SpiderScore ranges: A (9.0–10.0) means excellent, B (7.0–8.9) good, C (5.0–6.9) average, D (3.0–4.9) below average with known issues, and F (0–2.9) means critical security problems. Hard constraints can override the raw score — any critical vulnerability such as hardcoded credentials, command injection, or reverse-shell patterns forces an F regardless of other scores. As of March 2026 the ecosystem distribution is: A 0%, B 1.3%, C 69.4%, D 16.3%, F 13%, with an average score of 5.26/10.

What are the most common MCP security risks?

The most common security risk across 15,923 scanned MCP servers is missing sandbox configuration, affecting 64% of servers (10,197 out of 15,923). Other frequent issues include credential/token leakage (4.8%), Server-Side Request Forgery or SSRF (2.2%), child process injection (1.7%), missing input validation (1.6%), and path traversal vulnerabilities (1.5%). Beyond specific code flaws, our research has identified systemic problems: 97% of MCP tools don't tell AI agents when to use them, and 89% lack error-handling guidance. Read more in our State of MCP Security 2026 report.

How can my AI agent check if an MCP tool is safe, automatically?

AI agents can query our free Decision API to get a structured safety verdict for any MCP tool: GET https://spiderrating.com/api/v1/decide/mcp-tool?slug={owner}/{repo}. No authentication required. The response returns a verdict (RECOMMENDED, CONSIDER, ALLOW_WITH_RISK, NOT_RECOMMENDED, AVOID, or UNKNOWN), a confidence score from 0 to 1, human-readable summary, specific recommendations, risk flags with severity, and reasoning factors. This is designed for agent frameworks (LangChain, Claude Code, Cursor) to make install/invoke decisions without hardcoding trust. See the llms.txt for the full API schema.
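One way an agent could turn a Decision API response into a fail-closed install gate, shown as an added example and not SpiderRating's own code. The endpoint and verdict names come from the answer above; the JSON field names (`verdict`, `confidence`, `risk_flags`, `severity`), the `"critical"` severity value, the 0.7 confidence threshold, and the verdict-to-action mapping are assumptions, and the sample bodies are constructed.

```python
import json
import re
from urllib.parse import quote

API = "https://spiderrating.com/api/v1/decide/mcp-tool"   # endpoint from the FAQ
# Verdict names are from the FAQ; mapping them to actions is this example's policy.
ALLOW, WARN = {"RECOMMENDED", "CONSIDER"}, {"ALLOW_WITH_RISK"}
BLOCK = {"NOT_RECOMMENDED", "AVOID", "UNKNOWN"}
SLUG_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]*/[A-Za-z0-9._-]+")

def decide_url(slug):
    """Build the query URL; refuse anything that is not a plain owner/repo."""
    if not SLUG_RE.fullmatch(slug):
        raise ValueError(f"not an owner/repo slug: {slug!r}")
    return f"{API}?slug={quote(slug, safe='/')}"

def gate(body, min_confidence=0.7):
    """Map a response body to (action, reason). Anything unexpected blocks."""
    try:
        doc = json.loads(body)
        verdict = doc["verdict"]                # assumed field name
        confidence = float(doc["confidence"])   # assumed field name
    except (ValueError, KeyError, TypeError):
        return "block", "malformed response"
    if not isinstance(verdict, str) or verdict not in ALLOW | WARN | BLOCK:
        return "block", "unrecognised verdict"
    if not 0.0 <= confidence <= 1.0:            # also rejects NaN
        return "block", "confidence out of range"
    if verdict in BLOCK:
        return "block", verdict
    flags = doc.get("risk_flags", [])           # assumed: list of {"severity": ...}
    if not isinstance(flags, list):
        return "block", "malformed risk_flags"
    if any(isinstance(f, dict) and f.get("severity") == "critical" for f in flags):
        return "block", "critical risk flag"
    if verdict in WARN or confidence < min_confidence:
        return "warn", f"{verdict} at confidence {confidence:.2f}"
    return "allow", verdict

# Constructed sample bodies (not real API output).
SAMPLES = {
    "clean": '{"verdict": "RECOMMENDED", "confidence": 0.93, "risk_flags": []}',
    "risky": '{"verdict": "ALLOW_WITH_RISK", "confidence": 0.81}',
    "flagged": '{"verdict": "CONSIDER", "confidence": 0.9,'
               ' "risk_flags": [{"severity": "critical"}]}',
    "garbled": "<html>502 Bad Gateway</html>",
}

if __name__ == "__main__":
    print(decide_url("owner/repo"))
    for name, body in SAMPLES.items():
        print(name, gate(body))
```

A caller that fetches the URL itself should treat a timeout or non-200 status the same way as a malformed body, so an unreachable rating service never results in an install.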

Is SpiderRating free?

Yes. The public Trust Score directory, Decision API, security badges, and the open-source scanner (spidershield) are all free with no authentication required. Paid plans add real-time features for teams: Pro at $49/month (cloud dashboards, alert rules, audit logs, higher API quotas), Business at $199/month (unlimited API keys, SSO, compliance export), and Enterprise (custom pricing, SOC 2 report, on-premise option). Full details at spiderrating.com/pricing.

How do I scan my own MCP server?

Run pip install spidershield && spidershield scan ./your-server to get a local security rating for any MCP server. SpiderShield is the open-source scanner (MIT license) that powers SpiderRating. The scan runs entirely on your machine — no code or data leaves your environment. Results include the SpiderScore, letter grade, detailed issue breakdown, and suggestions for remediation. You can also scan by URL: spidershield scan https://github.com/owner/repo. Get started at github.com/teehooai/spidershield.

How do I protect my AI agents in real time?

SpiderShield provides runtime protection via hooks and proxy guards that intercept every MCP tool call and check it against our trust database of 15,923 rated servers. For Claude Code, use the PreToolUse hook (spidershield guard install claude-code). For any other MCP client, use the universal proxy (spidershield proxy --client cursor). Tools with grade F or failing hard constraints are blocked automatically; lower-risk issues surface as warnings. Setup takes 2–3 minutes. See the methodology page for policy configuration.

Which AI clients does SpiderRating support?

SpiderRating and SpiderShield support all major MCP clients, including Claude Desktop, Claude Code, Cursor, Continue, Cline, and any custom client using the @modelcontextprotocol/sdk or Python mcp SDK. The Decision API is client-agnostic — any HTTP-capable agent can query it. Runtime protection works through PreToolUse hooks (Claude Code) or a transparent proxy layer (all other clients). LangChain and LlamaIndex integrations are on our roadmap for Q2 2026.

How is SpiderRating different from SpiderShield?

SpiderShield is the open-source scanner (MIT license) that runs locally; SpiderRating is the cloud platform that continuously scans the entire MCP ecosystem and publishes ratings. SpiderShield provides static analysis, runtime guards, DLP scanning, and audit logging — all free and self-hostable. SpiderRating adds the discovery pipeline, centralized rating engine, public leaderboards, Decision API, and enterprise dashboards on top. You can use SpiderShield standalone without ever touching the cloud platform.

How does SpiderRating compare to Glama, Smithery, and mcp.so?

SpiderRating is the only MCP directory focused on independent security ratings; Glama, Smithery, and mcp.so are primarily discovery and hosting platforms without systematic security scoring. Glama.ai provides MCP server hosting with some basic checks, Smithery.ai focuses on easy installation and playground testing, and mcp.so (chatmcp/mcpso) is an unmoderated community directory. SpiderRating complements all three: we scan every server regardless of where it's listed and publish an independent security grade, so you can cross-reference our rating when browsing any other directory.

How often are scores updated?

Our pipeline continuously discovers and rescans MCP servers; new servers are typically rated within 24 hours of appearing on GitHub, npm, or PyPI. Existing servers are rescanned weekly, or immediately when we detect new commits or security advisories affecting their dependencies. You can force a rescan of any server from its report page. Real-time rescan triggers are available on Pro and Business plans.

Can I dispute or appeal a rating?

Yes. Visit your server's report page and click "Request Rescan", or email [email protected] with details. We review disputes within 48 hours. For servers graded D or F, specific vulnerability details are shared privately under responsible disclosure with a 90-day remediation window before public disclosure. Maintainers who fix issues can request an immediate rescan to update their public grade.

How do I request a new MCP server be scanned?

Any public MCP server on GitHub, npm, or PyPI can be scanned for free by submitting its URL at spiderrating.com/evaluate. Scans are typically available within 10 minutes for a single repository. For bulk requests (multiple servers, private repos, or integration with your CI/CD), contact [email protected]. We also automatically discover new servers from GitHub Trending, npm recent publishes, and PyPI new releases, so most servers are rated without needing to submit them manually.

How do I add a security badge to my README?

Add this markdown to your README: [![SpiderRating](https://spiderrating.com/badge/OWNER__REPO.svg)](https://spiderrating.com/servers/OWNER/REPO). Replace OWNER and REPO with your GitHub owner and repository name (note the double underscore separator in the badge URL). The badge auto-updates whenever your score changes after a rescan. Badges are free for all servers with public ratings.

Does SpiderRating help with AI tool compliance?

Yes. SpiderRating provides the security evidence and tooling that compliance programs need to manage AI tool risk. Our scans of 15,923 MCP servers map directly to SOC 2 controls (CC6.1 logical access, CC7.1 monitoring, CC8.1 change management) and ISO 27001:2022 requirements (A.8.9 configuration management, A.8.23 web filtering). The Business plan ($199/mo) includes compliance report export (PDF), 1-year audit trails, SOC 2 evidence collection, a policy engine to enforce minimum grade thresholds, and an AI tool risk register. Enterprise adds SOC 2 Type II reports, ISO 27001 control mapping, SIEM integration (Splunk/Datadog), and a dedicated compliance engineer. Read our MCP Compliance Guide for the full framework.

Still have questions?

Check our Methodology page for technical details, browse the full directory, or reach out directly.
