Is Drush Safe? Trust Analysis 2026

Nerq Trust Intelligence

Is Drush Safe?

Drush — Nerq Trust Score 53.5/100 (C- grade). Based on analysis of 2 trust dimensions, it is has notable safety concerns. Last updated: 2026-03-31.

Use Drush with some caution. Drush is a PHP package with a Nerq Trust Score of 53.5/100 (C-), based on 3 independent data dimensions. It is below the recommended threshold of 70. Security: 65/100. Popularity: 95/100. Data sourced from packagist.org, GitHub, and NVD. Last updated: 2026-03-31. Machine-readable data (JSON).

Is Drush safe?

CAUTION — Drush has a Nerq Trust Score of 53.5/100 (C-). It has moderate trust signals but shows some areas of concern that warrant attention. Suitable for development use — review security and maintenance signals before production deployment.

Security Analysis → {name} Privacy Report →

What is Drush's trust score?

Drush has a Nerq Trust Score of 53.5/100, earning a C- grade. This score is based on 2 independently measured dimensions including security, maintenance, and community adoption.

Security

65

Popularity

95

What are the key security findings for Drush?

Drush's strongest signal is popularity at 95/100. No known vulnerabilities have been detected. It has not yet reached the Nerq Verified threshold of 70+.

⚠Security score: 65/100 (moderate)

⚠Popularity: 95/100 — community adoption

What is Drush and who maintains it?

Author	drush
Category	packagist
Source	N/A

Similar Packagist by Trust Score

mrclay/minify (54)eluceo/ical (54)doctrine/migrations (54)doctrine/reflection (54)matthiasmullie/minify (54)

See all safest Packagist →

Safety Guide: Drush

What is Drush?

Drush is a PHP package — Drush is a command line shell and scripting interface for Drupal, a veritable Swiss Army knife designed to make life easier for those of us who spend some of our working hours hacking away at the comm.

How to Verify Safety

Run composer audit. Check packagist.org.

You can also check the trust score via API: GET /v1/preflight?target=drush/drush

Key Safety Concerns for PHP packages

When evaluating any PHP package, watch for: dependency vulnerabilities, PHP compatibility.

Trust Assessment

Drush has a Nerq Trust Score of 54/100 (C-) and has not yet reached Nerq trust threshold (70+). This score is based on automated analysis of security, maintenance, community, and quality signals.

Key Takeaways

Drush has a Trust Score of 54/100 (C-).
Review carefully before use — below trust threshold.
Always verify independently using the Nerq API.

Frequently Asked Questions

Is Drush safe to use?

Use with some caution. drush/drush has a Nerq Trust Score of 53.5/100 (C-). Strongest signal: popularity (95/100). Score based on security (65/100), popularity (95/100).

What is Drush's trust score?

drush/drush: 53.5/100 (C-). Score based on: security (65/100), popularity (95/100). Scores update as new data becomes available. API: GET nerq.ai/v1/preflight?target=drush/drush

What are safer alternatives to Drush?

In the packagist category, more PHP packages are being analyzed — check back soon. drush/drush scores 53.5/100.

Does Drush have known vulnerabilities?

Nerq checks Drush against NVD, OSV.dev, and registry-specific vulnerability databases. Current security score: 65/100. Run your package manager's audit command for the latest findings.

How actively maintained is Drush?

Drush has a trust score of 53.5/100 (C-). Below Nerq Verified threshold — conduct additional review.

API: /v1/preflight Trust Badge API Docs

Popular in packagist

Minify 54 Ical 54 Migrations 54 Reflection 54 Minify 54 Barcode 54 Lexer 53 Inflector 53 Instantiator 53 Uuid 53 Email Validator 53

Recently Analyzed

Descript (Audio) ai_tool Express npm Airbrake saas Expedia: Hotels, Flights, android Redbox android Agentsync saas Fox Sports android Castle Crush：Epic Battle android Youtube Tv android Browserstack saas

Disclaimer: Nerq trust scores are automated assessments based on publicly available signals. They are not endorsements or guarantees. Always conduct your own due diligence.