Getting Started
What SpiderRating is, how it's free, and how to scan your own MCP server.
4 questions in this topic · Based on 15,923 rated MCP servers
What is SpiderRating?
SpiderRating is an independent security rating platform for MCP servers, Claude skills, and AI tools. We scan every tool in the Model Context Protocol ecosystem and score it on a 0-10 scale called SpiderScore, so developers and enterprises can decide which tools to trust. As of March 2026, we have rated 15,923 MCP servers and skills. Ratings are free to browse at spiderrating.com/servers.
How do I scan my own MCP server?
Run pip install spidershield && spidershield scan ./your-server to get a local security rating for any MCP server. SpiderShield is the open-source scanner (MIT license) that powers SpiderRating. The scan runs entirely on your machine — no code or data leaves your environment. Results include the SpiderScore, letter grade, detailed issue breakdown, and suggestions for remediation. You can also scan by URL: spidershield scan https://github.com/owner/repo. Get started at github.com/teehooai/spidershield.
How do I request a new MCP server be scanned?
Any public MCP server on GitHub, npm, or PyPI can be scanned for free by submitting its URL at spiderrating.com/evaluate. Scans are typically available within 10 minutes for a single repository. For bulk requests (multiple servers, private repos, or integration with your CI/CD), contact [email protected]. We also automatically discover new servers from GitHub Trending, npm recent publishes, and PyPI new releases, so most servers are rated without needing to submit them manually.
How do I add a security badge to my README?
Add this markdown to your README: [](https://spiderrating.com/servers/OWNER/REPO). Replace OWNER and REPO with your GitHub owner and repository name (note the double underscore separator in the badge URL). The badge auto-updates whenever your score changes after a rescan. Badges are free for all servers with public ratings.