Is There Any Way to Check the Level of Security of a Project?

The best practice that I've seen so far in the space is simply going inside the community channels. Community members are asking what kind of protective solutions are you using? Have you been audited? Who has been your auditor? Can I see the audit and the results? The community members are coming and doing that job actually. We have this kind of goal where we would have a verification system of sorts where each and every project that uses the lossless tools would have some kind of a badge signature on their website or somewhere in public communications. But unfortunately at this point that's those are the probably best methods of checking if the project is secure or not security still taking maybe steps in web three but