How is the SpiderScore calculated?

Last updated: · Based on 15,923 rated MCP servers

SpiderScore is a 0-10 composite security rating for MCP servers and Claude skills, calculated from three weighted dimensions. For MCP servers the weights are: Description Quality 38% (how clearly tools explain their capabilities to AI agents, across 5 sub-dimensions), Security Analysis 34% (static analysis across 46+ rules for command injection, path traversal, SSRF, credential leakage, prompt injection, and other vulnerabilities), and Metadata Health 28% (license clarity, maintenance signals, GitHub popularity). Claude skills use slightly different weights of 45/35/20. See the full methodology for scoring formulas and sub-signal breakdowns.

← All FAQsMore in Scoring & GradesStill stuck? Contact us