Based on https://docs.stoplight.io/docs/spectral/01baf06bdd05a-create-a-ruleset, the rulesets are able to guarantee consistent quality and security guidelines across all APIs.
You can find out exactly how they work and how you can create your own set of rules here. Rulesets explained
Default Rulesets and your own
In the configuration under rulesets, you can see the default rulesets in the upper table. One provided by Spectral for checking the OpenAPI standards and one from OWASP with a focus on security and best practices.
You can of course create your own rulesets and freely define your own rules. You can also extend or adapt the existing rulesets. Rulesets explained
Rulesets can also be deactivated, in which case they no longer have any influence on the API score.
The APIs must be revalidated in the event of an adjustment or a new ruleset.