Risk Scoring

Risk Scoring in Lunar.dev MCPX evaluates the potential impact of MCP tools so security, IT, and platform teams can make informed decisions about which tools to approve, expose, and monitor. Risk signals are surfaced on tool catalog items and in sandbox analysis results.


Where you see risk scores

  • Catalog items. Each MCP server and tool in the catalog carries a risk score and tier, so admins can assess tools at a glance before adding them to a Profile.
  • Sandbox analysis. When an MCP server is evaluated in the MCP Evaluation Sandbox, MCPX produces a deeper, per-tool risk assessment with a written reason for each score.

How risk is scored

MCPX combines two scoring layers:

  • Catalog heuristic scoring. A pattern-based score that evaluates each tool's action type (read, write, update, deploy, delete, destroy), its category (data, infrastructure, code, observability), and red-flag patterns in the tool's description such as filesystem access, secrets handling, network operations, code execution, and cloud service control.
  • Sandbox analysis scoring. An LLM-evaluated rubric that scores each tool from 0 to 100 and produces a written reason explaining the score. The rubric is applied during sandbox evaluation, so admins see a considered assessment before promoting a server to the Organizational Catalog.

Action weights range from 1 (low-impact actions like list and status) to 100 (destructive actions like destroy). Red-flag patterns and category weights compound onto the action score.

The two layers are complementary. Catalog heuristics provide instant signals across every tool. Sandbox analysis provides depth before a server reaches production.
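A minimal scorer in the spirit of the catalog heuristic layer, added here as an illustration and not MCPX's own code. Every weight, pattern and tier threshold below is an assumption; the page states only that action weights run from 1 (list, status) to 100 (destroy) and that category weights and red-flag patterns compound onto the action score.

```python
import re
from dataclasses import dataclass, field

# Assumed action weights. The page gives only the endpoints of the band:
# 1 for low-impact actions (list, status) and 100 for destroy.
ACTION_WEIGHTS = {
    "list": 1, "status": 1, "get": 5, "read": 10, "write": 30, "update": 35,
    "run": 50, "execute": 50, "deploy": 60, "delete": 80, "destroy": 100,
}
# Assumed category multipliers that compound onto the action score.
CATEGORY_WEIGHTS = {"observability": 0.8, "data": 1.0, "code": 1.2, "infrastructure": 1.5}
# Assumed red-flag patterns matched against the description, each with its multiplier.
RED_FLAGS = {
    "filesystem access": (r"\b(file ?system|directory|files?)\b", 1.2),
    "secrets handling": (r"\b(secret|credential|token|password|api ?key)s?\b", 1.5),
    "network operations": (r"\b(http|socket|network|url|dns)s?\b", 1.2),
    "code execution": (r"\b(execute|exec|eval|shell|command|script)s?\b", 1.5),
    "cloud service control": (r"\b(aws|gcp|azure|cloud|iam|kubernetes)\b", 1.3),
}
# Assumed tier thresholds (upper bound inclusive).
TIERS = [(25, "low"), (50, "medium"), (75, "high"), (100, "critical")]


@dataclass
class Assessment:
    score: int
    tier: str
    action: str
    flags: list = field(default_factory=list)


def detect_action(tool_name: str) -> str:
    """Pick the first token of the tool name that is a known action verb; default to read."""
    for token in re.findall(r"[a-z]+", tool_name.lower()):
        if token in ACTION_WEIGHTS:
            return token
    return "read"


def score_tool(tool_name: str, category: str, description: str) -> Assessment:
    """Action weight x category multiplier x each matched red-flag multiplier, clamped to 1..100."""
    action = detect_action(tool_name)
    score = ACTION_WEIGHTS[action] * CATEGORY_WEIGHTS.get(category, 1.0)
    flags = [name for name, (pattern, _) in RED_FLAGS.items()
             if re.search(pattern, description, re.IGNORECASE)]
    for name in flags:
        score *= RED_FLAGS[name][1]
    score = max(1, min(100, round(score)))
    tier = next(label for limit, label in TIERS if score <= limit)
    return Assessment(score, tier, action, flags)
```

With these assumed tables, `destroy_stack` on an infrastructure server lands at 100 (critical) while `list_dashboards` on an observability server stays at 1 (low). The pattern layer is deliberately cheap: a tool whose name hides its verb or whose description omits the trigger words scores lower than it should, which is the gap the sandbox rubric fills.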


💡 MCPX Enterprise Feature - Risk Scoring is exclusively available on our Enterprise plan.
Contact our team to book a demo and unlock this feature.