Short answer
Aescut risk levels are decision aids, not absolutes. They summarize how much caution a team should bring to a tool based on permissions, maintainer trust, supply-chain signals, and the freshness of the assessment.
Trusted maintainer status and staleness signals matter because the same technical capability can be far safer in an official, actively maintained server than in an unreviewed copycat fork.
How to read the tiers
Low means the entry looks narrow, controlled, and easier to trust. Medium means useful capability with non-trivial access or operational caveats. High means the tool can materially affect code, systems, or data. Critical should trigger a “why are we doing this at all?” conversation before install.
What trusted maintainer status changes
Trusted maintainer status is not a free pass, but it changes the base prior. If the server is published by the official vendor operating the underlying service, users do not have to accept an extra trust hop through an unofficial proxy maintainer. That matters a lot for hosted MCP endpoints and OAuth-backed integrations.
Why context still matters
A low-risk server used to read public docs is not the same decision as the same server wired into deployment or production incident response. That is why Aescut separates the risk label from the runtime recommendation returned by check_risk.
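The following is an added illustration of the idea in the sections above, not Aescut's own `check_risk` implementation: a toy decision aid that starts from the published risk label and then adjusts for an unofficial maintainer (the extra trust hop), a stale assessment, and the context the server is wired into. The `Tier` values, the 90-day staleness threshold, the purpose names and the action names are all assumptions chosen for the example.

```python
"""Toy decision aid (hypothetical, not Aescut's check_risk): combine a static
risk label with maintainer trust, assessment freshness and deployment context
to produce a runtime recommendation."""
from __future__ import annotations

from dataclasses import dataclass
from datetime import date, timedelta
from enum import IntEnum


class Tier(IntEnum):
    LOW = 0
    MEDIUM = 1
    HIGH = 2
    CRITICAL = 3


STALE_AFTER = timedelta(days=90)  # assumed freshness threshold
# Assumed set of contexts where a server can affect production outcomes.
SENSITIVE_PURPOSES = {"deployment", "production-incident-response"}


@dataclass(frozen=True)
class Entry:
    name: str
    tier: Tier              # the published risk label
    official_vendor: bool   # published by the vendor operating the underlying service
    assessed_on: date       # date of the most recent assessment


def caution_score(entry: Entry, purpose: str, today: date) -> tuple[int, list[str]]:
    """Start from the label and add one point per aggravating signal,
    recording why each point was added."""
    score = int(entry.tier)
    reasons = [f"base label {entry.tier.name}"]
    if not entry.official_vendor:
        score += 1
        reasons.append("unofficial maintainer adds an extra trust hop")
    if today - entry.assessed_on > STALE_AFTER:
        score += 1
        reasons.append("assessment is stale")
    if purpose in SENSITIVE_PURPOSES:
        score += 1
        reasons.append(f"wired into {purpose}")
    return score, reasons


def recommend(entry: Entry, purpose: str, today: date) -> dict:
    """Map the caution score onto a runtime recommendation. The label itself
    never changes; only the action recommended for this context does."""
    score, reasons = caution_score(entry, purpose, today)
    if entry.tier == Tier.CRITICAL or score >= 4:
        action = "block-pending-discussion"   # the 'why are we doing this at all?' case
    elif score >= 2:
        action = "require-approval"
    elif score == 1:
        action = "allow-with-review"
    else:
        action = "allow"
    return {"label": entry.tier.name, "action": action, "reasons": reasons}


if __name__ == "__main__":
    today = date(2024, 6, 1)  # constructed reference date
    docs = Entry("docs-reader", Tier.LOW, official_vendor=True, assessed_on=date(2024, 5, 1))
    # Same server, two contexts: the label is identical, the recommendation is not.
    for purpose in ("read-public-docs", "deployment"):
        print(purpose, recommend(docs, purpose, today))
```

Running the block prints the same `LOW` label twice but a different action for the deployment context, which is the separation between label and runtime recommendation described above.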