There are projects that scan exit nodes for various heuristics; if they find very bad behavior, they report it to the Tor Project to request a BadExit flag. However, there's no kind of continuum of rankings, just BadExit or not.
My impression from talking to people working on this a few years ago was that they wanted to be a little bit secretive about exactly what they scan for, in order to make it harder for malicious exit operators to anticipate the scans or to distinguish the scans from end-user traffic. There was a suggestion this is an activity that anybody can engage in: if you can think of an attack against Tor users that you know how to detect, you can write your own client that tests for that thing (modifying the path selection algorithm to ensure that you test every exit node!) and then start running your tests. People will be interested in your results.
Oh is it?
The exploit for upstream Firefox on Windows is now completely public, free of charge. How is that worse on Tor, where most people using it have idea that JS and 3rd party connections should be blocked?
You still need to intercept a users' connection and redirect them to malicious JS with a regular Firefox. For the attack to work on a large scale you'd typically you do this by compromising an ad network and hoping you get enough users before SafeBrowsing blacklists you.
With Tor on the other hand you can just run an exit node and infect the user even if (s)he's visiting a regular site.
Regular internet has a few protections:
1. Google safe browsing
2. AdBlocking
3. Websites try to keep their reputation.
Tor exit nodes, on the other hand, have no reputation (and if one gets sullied, spin up another) and costs money.