diff --git a/README.md b/README.md
index e240bfe..60f7940 100644
--- a/README.md
+++ b/README.md
@@ -38,7 +38,7 @@ npx @hailbytes/mcp-security-scanner ./mcp-config.json
 npx @hailbytes/mcp-security-scanner https://my-mcp-server.example.com
 # Output SARIF for GitHub Code Scanning + fail on findings
-npx @hailbytes/mcp-security-scanner ./config.json --output=sarif --exit-code
+npx @hailbytes/mcp-security-scanner ./config.json --format=sarif --exit-code
 ```
 ### Programmatic
@@ -49,7 +49,7 @@ import { scan } from "@hailbytes/mcp-security-scanner";
 const report = await scan({ configPath: "./mcp-config.json" });
 console.log(report.findings); // Finding[] — individual security issues
-console.log(report.score); // 0–100 risk score (lower = riskier)
+console.log(report.score); // 0–100 risk score (higher = riskier; 0 is safest)
 console.log(report.passed); // boolean — use as CI gate
 ```
diff --git a/dev-to/launch-post.md b/dev-to/launch-post.md
index b173bee..60a9b83 100644
--- a/dev-to/launch-post.md
+++ b/dev-to/launch-post.md
@@ -41,7 +41,7 @@ npx @hailbytes/mcp-security-scanner ./mcp-config.json
 npx @hailbytes/mcp-security-scanner https://my-mcp-server.example.com
 # SARIF output + fail the build
-npx @hailbytes/mcp-security-scanner ./config.json --output=sarif --exit-code
+npx @hailbytes/mcp-security-scanner ./config.json --format=sarif --exit-code
 ```
 ## Programmatic