Understanding RugCheck Scores: What the Numbers Actually Mean

A "Good" score is not a green light — here is why

RugCheck.xyz has become the community's default first stop for quick Solana token safety checks, and for good reason: it aggregates dozens of on-chain signals into a readable output within seconds. But most users treat the output as a binary pass/fail signal — "Good" means safe, "Danger" means avoid — without understanding the granular warnings underneath. This surface-level reading misses the point entirely. A token can earn a "Good" RugCheck rating while still carrying several individually serious red flags, and a "Danger" rating can sometimes reflect characteristics that are dangerous for one use case and irrelevant for another.

This article explains precisely how RugCheck builds its scores, what each category of warning actually means in practice, and how Hannisol integrates RugCheck data alongside its own analysis to give you the most complete picture of any Solana token.

---

How RugCheck calculates its overall rating

RugCheck's rating system works by assigning risk weights to individual findings across several token dimensions. Each finding has a designated severity — warn, caution, or danger — and the combination of findings determines the overall label. The main categories RugCheck evaluates are:

• Mint authority: Is new supply creatable? Active mint authority is typically marked as a high-severity danger flag.
• Freeze authority: Can holder wallets be locked? Also high severity when active.
• LP locked status: How much liquidity is locked, on which platform, and for how long?
• Holder concentration: What percentage of supply is held by the top wallets?
• Program verification: Has the token's on-chain program been verified and audited?
• Metadata mutability: Can the token's name, symbol, or URI be changed after deployment?

---

The most important individual warnings — decoded

"Mint authority not revoked" — This is RugCheck's highest-priority danger flag and with good reason. It means the token creator retains the ability to generate unlimited new supply. No matter how good every other signal looks, an active mint authority means the entire supply structure of the token can be invalidated at any moment. Hannisol treats this as a 25% weight in its Pump-Dump Risk dimension — it's effectively disqualifying for any serious investment.

"Freeze authority not revoked" — Close behind in severity. The creator can lock your wallet and prevent any transfer or sale. RugCheck flags this prominently, and Hannisol weights it at 20% of the Pump-Dump Risk score. The combination of active mint authority plus active freeze authority is one of the most dangerous token configurations that exists on Solana.

"Top 10 holders own X%" — A concentration warning. RugCheck typically issues a caution or danger flag when the top 10 wallets (excluding the liquidity pool) hold more than 30–50% of supply. The threshold matters: 35% among genuinely independent wallets is different from 35% among wallets all funded by the same parent wallet.

"Liquidity not locked" or "Lock expires in N days" — RugCheck checks Streamflow and Raydium lock records. An unlocked pool means the team can drain all liquidity in a single transaction. An expiring lock deserves attention — verify the expiry date and factor it into your exit timing if you're holding the token.

"Program not verified" or "Copycat program" — RugCheck maintains a database of known program bytecodes. If a new token's program matches a previously rugged project or is simply an exact copy of a standard meme token template, this flag appears. Unverified programs mean there's no way to confirm what the contract actually does without manual binary analysis.

---

Where RugCheck falls short — and where Hannisol fills the gap

RugCheck is excellent for binary security checks on the token itself. Where it has limitations:

• No domain or website intelligence: RugCheck doesn't check when a project's domain was registered, whether it matches the pattern of a serial rugger's past domains, or whether WHOIS data is hidden versus legitimate. Hannisol performs direct RDAP registry lookups for every analysis.
• No liquidity depth analysis: RugCheck confirms whether liquidity is locked but doesn't calculate your actual execution risk based on pool depth versus your intended position size. Hannisol's Exit Ability score does this.
• No market behavior scoring: Wash trading, synchronized wallet activity, and volume manipulation aren't in RugCheck's scope. Hannisol's Manipulation score evaluates these signals.
• No time-horizon differentiation: RugCheck gives you a single score. Hannisol generates separate Short-Term and Long-Term Suitability scores, recognizing that the same token can be an acceptable speculative trade while being a terrible long-term hold.

---

How to use RugCheck and Hannisol together

The most effective workflow combines both tools in sequence:

1. RugCheck first: Get the quick binary check. If mint authority is active or freeze authority is active — stop there. Do not proceed regardless of anything else.
2. Hannisol second: For tokens that pass RugCheck's basic checks, run a full 8-dimension analysis on Hannisol to understand liquidity risk, manipulation signals, domain credibility, and time-horizon suitability.
3. Manual verification third: For any position larger than your speculative minimum, verify the top 3 flags identified by both tools directly on Solscan.

This sequence takes under 5 minutes and gives you the most complete safety picture available for any Solana token. Start with a full analysis at Hannisol.