SamuAI

How We Score Risk

SamuAI's scoring methodology is built by security practitioners who work in third-party risk, supply chain security, and AI governance — people who evaluate tooling risk for a living and understand what it takes to meet the highest functional bars for securing AI-adjacent software.

Our Approach

Every SamuAI score is derived from observable, verifiable signals — not self-reported claims from developers. When you scan a tool, we pull its publicly available metadata: manifest files, permission declarations, dependency trees, store listings, and developer provenance. We never execute extension code or access your personal data.

That metadata is analyzed through a proprietary model that evaluates risk across multiple dimensions — informed by the same frameworks that enterprise security teams use to assess vendor and supply chain risk. The result is a single 0–10 score that tells you how much exposure a tool introduces, and why.

What We Evaluate

Permission Analysis

We classify every permission a tool requests by risk tier, then evaluate whether each permission is justified for what the tool actually does. An ad blocker intercepting web requests is expected. A calculator doing the same is a red flag. Our model understands the difference.

Developer Provenance

We assess how identifiable and established the publisher is — platform verification, organizational accountability, ecosystem track record, community adoption, and web presence. A tool backed by a verified organization with years of history carries different risk than one published yesterday by an anonymous account.

Data Flow Mapping

We trace where data goes — external APIs, third-party services, analytics endpoints — and evaluate encryption status, data sensitivity, and whether the tool's network behavior aligns with its stated purpose. This includes inferring capabilities from dependency trees, not just declared permissions.

Policy & Transparency

We check whether the tool has a privacy policy and whether its claims match observed behavior. A policy that says 'we collect no data' while the tool requests cookies and browsing history is a material inconsistency — and our model flags it.

What We Scan

Chrome Extensions
Manifest, CRX, store metadata, permissions
VS Code Extensions
Marketplace data, capabilities, bundled deps
npm Packages
Registry data, dependencies, install scripts
MCP Servers
Transport, capabilities, dependency chain

Built on Industry Standards

Our scoring model doesn't exist in a vacuum. It's grounded in the frameworks that define how enterprise security teams assess risk — adapted and extended for the specific threat landscape of browser extensions, IDE plugins, open-source packages, and AI tool integrations.

StandardPublisher
OWASP Top 10OWASP Foundation
MITRE ATT&CKMITRE Corporation
NIST SP 800-53NIST
NIST Privacy FrameworkNIST
SLSA v1.0OpenSSF / Google
CWEMITRE Corporation
CISA SSDFCISA / NIST
GDPREuropean Union
CCPAState of California
FTC Act Section 5FTC

Built by Practitioners

SamuAI isn't built by people who read about security — it's built by people who do it. Our methodology comes from hands-on experience in third-party risk management, supply chain security assessments, and AI governance at organizations where the stakes are real.

We've taken the same rigor that goes into evaluating enterprise vendors and SaaS platforms and applied it to the tools that developers and everyday users install without a second thought — the browser extensions, IDE plugins, npm packages, and MCP servers that have direct access to your code, your data, and your credentials.

The result is a scoring system that doesn't just count permissions — it understands context, evaluates provenance, traces data flows, and surfaces the specific risks that matter. No hand-waving. No vague "trust scores." Just observable signals, analyzed against the highest bar we know how to set.

What We Don't Do

Transparency means being honest about boundaries. SamuAI is an automated risk assessment tool, not a replacement for a full security audit.

No code executionWe perform static analysis on manifests, metadata, and dependency trees. We do not execute, decompile, or deobfuscate code.
No runtime observationData flows are inferred from permissions and dependencies, not observed at runtime. A tool with a network library may not actually make external requests.
No legal reviewPrivacy policy checks verify existence and basic claim-vs-behavior consistency. This is not a legal compliance assessment.
No guaranteeA high score does not mean a tool is without risk. A low score does not mean a tool is malicious. Scores reflect observable signals at the time of analysis.

See the methodology in action.