--- title: "MCP Risk Score" slug: "mcp-risk-score" description: "Learn how Traceable calculates MCP Tool risk scores using likelihood and impact factors, including tool access, issues, response data sensitivity, and labels. Configure contributors and customize the risk lookup table to align MCP risk scoring with your organization’s AI security posture." updated: 2026-04-15T11:09:46Z published: 2026-04-15T11:09:46Z --- > ## Documentation Index > Fetch the complete documentation index at: https://traceabledocs.document360.io/llms.txt > Use this file to discover all available pages before exploring further. # MCP Risk Score The **MCP Tool** risk score helps you assess the security posture of discovered MCP tools by combining the likelihood and impact of exploit indicators into a single severity score. Traceable calculates this score using configurable likelihood and impact contributors, such as tool access configuration, detected issues, response data sensitivity, operational capability, and contextual labels. The resulting values are mapped through a lookup table to determine the final risk severity. This scoring framework provides consistent risk visibility across APIs and AI assets, helping you prioritize remediation based on exposure level, privilege capability, and sensitive data handling. ## What will you learn in this topic? By the end of this topic, you will understand: - How Traceable calculates MCP tool risk scores. - The contributors to the risk score of the MCP tools in your application. --- ## Understand the MCP tool risk score Traceable derives the MCP tool risk score from two components: - **Likelihood of Exploit** - **Impact of Exploit** Traceable calculates each component independently using the configurable contributor values. Further, the final score is determined using the **Risk Lookup Table**. ![MCP Tool Risk Score](https://cdn.document360.io/24f14f07-13d1-4684-8fae-6d8f811768ee/Images/Documentation/traceable_ai_security_mcp_risk_score.png) MCP Tool Risk Score Traceable provides default values for each component that conform to industry standards; however, you can modify them. This enables you to assess the MCP tools and their associated risks against your organizational requirements. The following sections highlight these components and their contributors. **Likelihood of Exploit** Likelihood represents how easily an MCP tool can be accessed and exploited based on its exposure and detected weaknesses. Traceable calculates the likelihood score using the following contributors: - **MCP Tool Access** — This contributor evaluates how the MCP tool is exposed and protected. The likelihood of this contributor increases when a tool: MCP tools that use strong authentication and encryption contribute less to the likelihood score. Traceable categorizes the scores for these contributors into: - is externally accessible - uses weaker authentication mechanisms - is unauthenticated - is not encrypted - **External** — For external MCP tools - **Internal** — For internal MCP tools - **Issues** — Detected issues associated with an MCP tool contribute directly to the likelihood score. The severities included as part of this score are: *High* and *Critical* issues increase the likelihood score. Traceable selects the highest applicable severity when calculating this contribution. Traceable assigns severities to issues based on the MCP policies you configure. For more information, see [AI and MCP Policies](/v1/docs/ai-and-mcp-policies). - Critical - High - Medium - Low Additionally, you can enable or disable these contributors according to your requirements. Upon disabling, Traceable no longer considers the contributor when allocating risk scores. **Impact of Exploit** Impact represents the potential effect on your environment if an MCP tool is misused or compromised. Traceable calculates the impact score using the following contributors: - **Sensitivity of Response Data** — This contributor evaluates the sensitivity classification of data returned by the MCP tool. The severities included as part of this score are: MCP tools that expose higher sensitivity data contribute more to the risk score. - Critical - High - Medium - Low - **Labels** — Labels enable you to adjust the impact score based on the MCP tool’s importance. For example, you can use labels to indicate tools that: If multiple labels are applicable to a tool, the highest configured value contributes to the impact score. Traceable uses default labels and assigns risk scores to them; however, you can click **Edit Labels** to add labels according to your requirements. For information on creating labels, see [Label Management](/v1/docs/label-management). - support critical workflows - interact with sensitive environments, such as *production* or *sandbox* - require additional monitoring or priority You can enable or disable these contributors according to your requirements. Upon disabling, Traceable no longer considers the contributor when allocating risk scores. **Risk Lookup Table** After calculating likelihood and impact scores, Traceable determines the final MCP Tool risk score using the **Risk Lookup Table**. The lookup table maps combinations of likelihood and impact values to a numeric score ranging from *0 to 10*. This score determines the severity level assigned to the MCP tool. You can modify the lookup table values to align scoring behavior with your organization’s risk modeling. For more information, see the section below. --- ## Update the MCP tool risk score While Traceable defines risk scores by default, you can customize the MCP tool risk scores to align with your internal policies. You can do this by updating the contributor values and modifying the risk lookup table. Any modifications you make are applied across the Traceable platform for MCP tool risk evaluation. > [!NOTE] > Note > > To update the risk scores, you must have the necessary RBAC permissions (**Module Level Access** → **Discovery** → *Settings*). For more information, see [Teams and Roles - RBAC](/v1/docs/rbac). To update the risk score for an MCP tool, complete the following steps: ### Step 1 — Select component 1. Navigate to **Discovery** → **Settings** → **Risk Score** → **MCP Tool** tab. 2. Click **Edit** in either of the following sections: In the **Edit Contributors** slide-out panel, you can edit the risk score values corresponding to each contributor. The tabs in the step below highlight these contributors. - *Likelihood of Exploit* - *Impact of Exploit* - *Risk Score Calculation* ### Step 2 — Modify risk score **Likelihood of Exploit** Traceable categorizes the likelihood factors into the following two categories: ![Update Risk Score for Likelihood Factors](https://cdn.document360.io/24f14f07-13d1-4684-8fae-6d8f811768ee/Images/Documentation/traceable_ai_security_mcp_risk_score_likelihood_factors.png) Update Risk Score for Likelihood Factors - **MCP Tool Access** — Traceable classifies MCP tools into internal and external, as mentioned above, and provides you with the following risk score allocations: - **Weak** — The risk score you wish to assign to tools having weak authentication, usually a higher value. - **Strong** — The risk score you wish to assign to tools having strong authentication, usually a lower value. - **None** — The risk score you wish to assign to tools having no authentication, usually the highest value. - **Issues** — Traceable classifies Issues by severity, with each having a risk score: - **High** — The risk score you wish to assign to issues having *High* severity, usually a higher value. - **Critical** — The risk score you wish to assign to issues having *Critical* severity, usually the highest value. - **Medium** — The risk score you wish to assign to issues having *Medium* severity, usually a lower value. - **Low** — The risk score you wish to assign to issues having *Low* severity, usually the lowest value. Once you have made the necessary changes, click **Save**. **Impact of Exploit** Traceable categorizes the impact factors into the following two categories: ![Update Risk Score for Impact of Exploit](https://cdn.document360.io/24f14f07-13d1-4684-8fae-6d8f811768ee/Images/Documentation/traceable_ai_security_mcp_risk_score_exploit_impact.png) Update Risk Score for Impact of Exploit - **Sensitivity of Response Data** — Traceable classifies sensitivity into 4 levels (*Critical*, *High*, *Medium*, and *Low*), each with a risk score typically lower than the previous one. You can specify the risk score you wish to assign, according to your requirements. - **Labels** — Traceable adds the Sensitive, Sentry, and Critical labels by default, with each having a different risk score. You can click **Edit Labels** to add more labels. Further, you can specify the risk score you wish to assign, according to your requirements. Once you have made the necessary changes, click **Save**. **Risk Score Calculation** Traceable, based on the risk score you specify in the *Likelihood of Exploit* and *Impact of Exploit* sections, specifies the scores in the **Risk Lookup table**. You can modify the values in the table according to your requirements. ![Update Risk Lookup Table](https://cdn.document360.io/24f14f07-13d1-4684-8fae-6d8f811768ee/Images/Documentation/traceable_ai_security_mcp_risk_score_lookup_table.png) Update Risk Lookup Table Once you have made the necessary changes, click **Save**. --- ## Resetting risk scores to default Traceable, by default, specifies risk scores for each component based on industry standards. While you can modify the risk score using the steps mentioned above, you can also restore the scores to their default value. To do this, complete the following steps: 1. Navigate to **Discovery** → **Settings** → **Risk Score** → **MCP Tool** tab. 2. Click **Edit** in either of the following sections: - *Likelihood of Exploit* - *Impact of Exploit* - *Risk Score Calculation* 3. In the slide-out panel’s top right corner, click **Reset to Defaults**. 4. In the confirmation dialog, click **Confirm**. Traceable resets the scores to the default values. ## Related - [AI Security Overview](/ai-security-overview.md) - [AI Security Agent Support Matrix](/ai-security-agent-support-matrix.md)