Is Prophecy Safe?

What is Prophecy's trust score?

Prophecy has a Nerq Trust Score of 63.2/100, earning a C+ grade. This score is based on 2 independently measured dimensions including security, maintenance, and community adoption.

What are the key security findings for Prophecy?

Prophecy's strongest signal is popularity at 100/100. No known vulnerabilities have been detected. It has not yet reached the Nerq Verified threshold of 70+.

What is Prophecy and who maintains it?

Detailed Score Analysis

Based on 5 dimensions. Data from packagist.org, GitHub, and NVD.

What data does Prophecy collect?

Prophecy is a PHP package maintained by phpspec. It receives approximately 550,962,119 weekly downloads.

As a development package, Prophecy does not directly collect end-user personal data. However, applications built with it may collect data depending on implementation. Privacy score: 80/100.

Review the package's dependencies for potential supply chain risks. Run your package manager's audit command regularly.

Full analysis: Prophecy Privacy Report · Privacy review

Is Prophecy secure?

Security score: 90/100. This meets the recommended security threshold for production use.

Nerq monitors this entity against NVD, OSV.dev, and registry-specific vulnerability databases for ongoing security assessment.

Full analysis: Prophecy Security Report

How we calculated this score

Prophecy's trust score of 63.2/100 (C+) is computed from packagist.org, GitHub, and NVD. The score reflects 5 independent dimensions: security (90/100), privacy (80/100), reliability (90/100), transparency (50/100), maintenance (60/100). Each dimension is weighted equally to produce the composite trust score.

Nerq analyzes over 7.5 million entities across 26 registries using the same methodology, enabling direct cross-entity comparison. Scores are updated continuously as new data becomes available.

This page was last reviewed on April 13, 2026. Data version: 1.0.

Full methodology documentation · Machine-readable data (JSON API)