Is Psysh Safe?

Psysh — Nerq Trust Score 60.8/100 (C+ grade). Based on analysis of 2 trust dimensions, it is generally safe but has some concerns. with 1 known vulnerabilities Last updated: 2026-07-01.

Use Psysh with some caution. Psysh is a PHP package with a Nerq Trust Score of 60.8/100 (C+), based on 3 independent data dimensions. Below the recommended threshold of 70. Security: 80/100. Popularity: 100/100. Data sourced from packagist.org, GitHub, and NVD. Last updated: 2026-04-12. Machine-readable data (JSON).

Is Psysh safe?

CAUTION — Psysh has a Nerq Trust Score of 60.8/100 (C+). It has moderate trust signals but shows some areas of concern that warrant attention. Suitable for development use — review security and maintenance signals before production deployment.

Security Analysis → Psysh Privacy Report →

What is Psysh's trust score?

Psysh has a Nerq Trust Score of 60.8/100, earning a C+ grade. This score is based on 2 independently measured dimensions including security, maintenance, and community adoption.

Security
80
Popularity
100

What are the key security findings for Psysh?

Psysh's strongest signal is popularity at 100/100. 1 known vulnerabilities were identified. It has not yet reached the Nerq Verified threshold of 70+.

Security score: 80/100 (strong)
Popularity: 100/100 — 9,878 stars on PHP Packages

What is Psysh and who maintains it?

Authorpsy
CategoryPHP Packages
Stars9,878
SourceN/A

Psysh Across Platforms

Same developer/company in other registries:

PSY.Kafka.Consumer
48/100 · nuget

Similar Packagist by Trust Score

psr/container (63)guzzlehttp/guzzle (63)symfony/event-dispatcher (63)symfony/polyfill-ctype (63)phpunit/php-file-iterator (63)
See all safest Packagist →

Compare

Psysh vs psr/containerPsysh vs guzzlehttp/guzzlePsysh vs symfony/event-dispatcher

Safety Guide: Psysh

What is Psysh?

Psysh is a PHP package — An interactive shell for modern PHP..

How to Verify Safety

Run composer audit. Check packagist.org.

You can also check the trust score via API: GET /v1/preflight?target=psy/psysh

Key Safety Concerns for PHP package

When evaluating any PHP package, watch for: dependency vulnerabilities, PHP compatibility.

Trust Assessment

Psysh has a Nerq Trust Score of 61/100 (C+) and has not yet reached Nerq trust threshold (70+). This score is based on automated analysis of security, maintenance, community, and quality signals.

Key Takeaways

Detailed Score Analysis

DimensionScore
Security80/100
Maintenance50/100
Popularity100/100
Quality40/100
Community35/100

Based on 5 dimensions. Data from packagist.org, GitHub, and NVD.

What data does Psysh collect?

Psysh is a PHP package maintained by psy. It receives approximately 542,968,212 weekly downloads.

As a development package, Psysh does not directly collect end-user personal data. However, applications built with it may collect data depending on implementation. Privacy score: 80/100.

Review the package's dependencies for potential supply chain risks. Run your package manager's audit command regularly.

Full analysis: Psysh Privacy Report · Privacy review

Is Psysh secure?

Security score: 80/100. This meets the recommended security threshold for production use.

Nerq monitors this entity against NVD, OSV.dev, and registry-specific vulnerability databases for ongoing security assessment.

Full analysis: Psysh Security Report

Psysh Across Platforms

Same developer/company in other registries:

PSY.Kafka.Consumer (nuget, 48/100)

How we calculated this score

Psysh's trust score of 60.8/100 (C+) is computed from packagist.org, GitHub, and NVD. The score reflects 5 independent dimensions: security (80/100), maintenance (50/100), popularity (100/100), quality (40/100), community (35/100). Each dimension is weighted equally to produce the composite trust score.

Nerq analyzes over 7.5 million entities across 26 registries using the same methodology, enabling direct cross-entity comparison. Scores are updated continuously as new data becomes available.

This page was last reviewed on July 01, 2026. Data version: 1.0.

Full methodology documentation · Machine-readable data (JSON API)

Frequently Asked Questions

Is Psysh Safe?
Use with some caution. psy/psysh with a Nerq Trust Score of 60.8/100 (C+). Strongest signal: popularity (100/100). Score based on Security (80/100), Popularity (100/100).
What is Psysh's trust score?
psy/psysh: 60.8/100 (C+). Score based on Security (80/100), Popularity (100/100). Scores update as new data becomes available. API: GET nerq.ai/v1/preflight?target=psy/psysh
What are safer alternatives to Psysh?
In the PHP Packages category, more PHP packages are being analyzed — check back soon. psy/psysh scores 60.8/100.
Does Psysh have known vulnerabilities?
Nerq checks Psysh against NVD, OSV.dev, and registry-specific vulnerability databases. Current security score: 80/100. Run your package manager's audit command for the latest findings.
Is Psysh actively maintained?
Psysh maintenance score: N/A. Check the repository for recent commit activity and issue responsiveness.
API: /v1/preflight Trust Badge API Docs

See Also

Disclaimer: Nerq trust scores are automated assessments based on publicly available signals. They are not endorsements or guarantees. Always conduct your own due diligence.

We use cookies for analytics and caching. Privacy