Trust Score Explained
How MCPAmpel computes the 0-10 trust score from 16 scanning engines.
How the Trust Score Works
Every scan starts at a perfect 10.0. Each engine that flags findings deducts a penalty based on the worst severity it found, multiplied by the engine's weight. Only the single worst finding per engine counts, so ten Medium findings from one engine cost the same as one. The final score is clamped to the 0.0-10.0 range.
The formula for each flagged engine: penalty = severity_weight * engine_weight, capped at 3.0 per engine (with the tables below, only a Critical finding from a weight-1.0 engine reaches the cap). The penalties of all flagged engines are summed and subtracted from 10.0 to produce the final score.
Score Ranges
Severity Penalties
Each flagged engine's worst finding determines the base penalty:
| Severity | Base Penalty |
|---|---|
| Critical | 3.0 |
| High | 2.0 |
| Medium | 1.0 |
| Low | 0.3 |
| Clean | 0.0 |
Engine Weights
Each engine has a weight that scales its penalty. Higher weight means more score impact.
| Weight | Engines |
|---|---|
| 1.0 (Full) | Trivy, Grype, OSV Scanner, Semgrep, Gitleaks, Custom YARA |
| 0.7 (Good) | Bandit, pip-audit |
| 0.5 (Moderate) | Cisco Skill, Cisco A2A, MCP Guardian |
| 0.15 (Noisy) | detect-secrets, Checkov |
| 0.0 (Info) | Syft, ScanCode, Cisco AIBOM |
Informational engines (weight 0.0) produce findings but never reduce the trust score. They provide context like SBOMs and license data.
Worked Example
A repository scanned by all 16 engines. Three engines flag findings:
- A High finding from a weight-1.0 engine: 2.0 * 1.0 = 2.0
- A Low finding from a weight-0.15 engine: 0.3 * 0.15 = 0.045
- A Medium finding from a weight-0.15 engine: 1.0 * 0.15 = 0.15
Total penalty: 2.0 + 0.045 + 0.15 = 2.195. Score: 10.0 - 2.195 = 7.805, which rounds to 7.8 at one decimal place. The remaining 13 engines reported clean results and contribute no penalty.
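The scoring rule and the worked example above, as an added Python illustration that is not MCPAmpel's own code. The severity penalties and engine weights are copied from the tables on this page; the `Finding` class, function names and the sample findings are assumptions, since the page does not say which engines fired (the sample uses Semgrep, Checkov and detect-secrets because their weights match the numbers in the example).

```python
"""Trust score computation as described on this page.

Added example, not MCPAmpel's own implementation. Penalty and weight
tables are taken from the page; everything else is an assumption.
"""
from dataclasses import dataclass
from typing import Dict, Iterable

# Base penalty for the worst severity an engine reported (page table).
SEVERITY_PENALTY = {"critical": 3.0, "high": 2.0, "medium": 1.0, "low": 0.3, "clean": 0.0}
# Ordering used to pick the worst finding per engine.
SEVERITY_RANK = {"clean": 0, "low": 1, "medium": 2, "high": 3, "critical": 4}

# Engine weights (page table). Engine keys are lower-case slugs, an assumption.
ENGINE_WEIGHT = {
    "trivy": 1.0, "grype": 1.0, "osv-scanner": 1.0, "semgrep": 1.0,
    "gitleaks": 1.0, "custom-yara": 1.0,
    "bandit": 0.7, "pip-audit": 0.7,
    "cisco-skill": 0.5, "cisco-a2a": 0.5, "mcp-guardian": 0.5,
    "detect-secrets": 0.15, "checkov": 0.15,
    "syft": 0.0, "scancode": 0.0, "cisco-aibom": 0.0,
}
MAX_ENGINE_PENALTY = 3.0


@dataclass(frozen=True)
class Finding:
    """One finding as a scanner would report it (hypothetical shape)."""
    engine: str
    severity: str


def worst_severity_per_engine(findings: Iterable[Finding]) -> Dict[str, str]:
    """Reduce all findings to the single worst severity per engine.

    Repeated findings from the same engine do not stack: only the worst one
    determines that engine's penalty.
    """
    worst: Dict[str, str] = {}
    for f in findings:
        eng, sev = f.engine.lower(), f.severity.lower()
        if eng not in ENGINE_WEIGHT:
            raise ValueError(f"unknown engine: {f.engine}")
        if sev not in SEVERITY_RANK:
            raise ValueError(f"unknown severity: {f.severity}")
        if SEVERITY_RANK[sev] > SEVERITY_RANK[worst.get(eng, "clean")]:
            worst[eng] = sev
    return worst


def engine_penalty(engine: str, severity: str) -> float:
    """penalty = severity_weight * engine_weight, capped at 3.0 per engine."""
    raw = SEVERITY_PENALTY[severity] * ENGINE_WEIGHT[engine]
    return min(raw, MAX_ENGINE_PENALTY)


def trust_score(findings: Iterable[Finding]) -> float:
    """Start at 10.0, subtract every flagged engine's penalty, clamp, round."""
    worst = worst_severity_per_engine(findings)
    total = sum(engine_penalty(eng, sev) for eng, sev in worst.items())
    score = max(0.0, min(10.0, 10.0 - total))
    return round(score, 1)


if __name__ == "__main__":
    # Constructed sample matching the worked example: High at weight 1.0,
    # Low at weight 0.15, Medium at weight 0.15 -> 10 - 2.195 = 7.805 -> 7.8
    sample = [
        Finding("semgrep", "high"),
        Finding("checkov", "low"),
        Finding("detect-secrets", "medium"),
    ]
    print(trust_score(sample))
```

Two behaviours worth checking against this model: a Critical finding from an informational engine such as Syft leaves the score at 10.0, and enough Critical findings from weight-1.0 engines push the raw total past 10.0, where the clamp holds the score at 0.0 rather than going negative.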
What the Score Doesn't Cover
The trust score reflects what automated static analysis tools can detect. It does not cover:
A high score means the code passed automated checks, not that it is free of all security issues. Use the trust score as one signal alongside manual review and threat modeling.