When the user is returned from the IdP (mode = id_res), a list of signed attributes and a signature are included. There is no guarantee that all attributes (AX attributes or SREG attributes) will be signed. This allows an attacker to assert attributes that are unsigned, and if the relying party uses them, they can be falsified.
For relying parties that need to have confidence in those items, there should be a way to tell which attributes are signed, or to request only attributes that are signed. Perhaps a flag to getAttributes($signedOnly = false);
I can work up a patch if you agree.
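The check described above, as an added example that is not part of the original report or of the library it concerns: the OpenID 2.0 id_res response carries an openid.signed list naming the fields the OP's signature covers, so a relying party can filter AX and SREG attributes down to the signed ones. The response dict, the field and alias names (ext1, sreg) and the values below are constructed for the example; the code assumes the library has already verified the signature over exactly those fields and only decides which attributes that signature covers.

```python
"""Filter OpenID 2.0 id_res attributes down to the ones covered by openid.signed.

Constructed example, not code from the library this issue is about. `response`
stands for the parsed id_res parameters *after* the signature over the fields
listed in openid.signed has been verified (via the association or
check_authentication); this code only decides which attributes that signature
actually covers.
"""

AX_NS = "http://openid.net/srv/ax/1.0"
SREG_NS = "http://openid.net/extensions/sreg/1.1"


def signed_fields(response):
    """Field names (without the 'openid.' prefix) that the OP included in the signature."""
    return {f for f in response.get("openid.signed", "").split(",") if f}


def _field_names(response):
    """All field names in the response, without the 'openid.' prefix."""
    return [k[len("openid."):] for k in response if k.startswith("openid.")]


def _aliases_for(response, ns_uri, signed, signed_only):
    """Extension aliases bound to ns_uri via openid.ns.<alias>.

    With signed_only, the namespace binding itself must be signed: otherwise an
    unsigned openid.ns.<alias> could introduce a second, unsigned set of values.
    """
    for name in _field_names(response):
        if name.startswith("ns.") and response["openid." + name] == ns_uri:
            alias = name[len("ns."):]
            if alias and (not signed_only or name in signed):
                yield alias


def get_attributes(response, signed_only=False):
    """Return SREG attributes keyed by field name and AX attributes keyed by type URI.

    signed_only=True drops any attribute whose field(s) are not in openid.signed.
    """
    signed = signed_fields(response)
    names = _field_names(response)
    trusted = lambda name: (not signed_only) or name in signed
    attrs = {}

    # Simple Registration: openid.<alias>.<field> = value
    for alias in _aliases_for(response, SREG_NS, signed, signed_only):
        prefix = alias + "."
        for name in names:
            if name.startswith(prefix) and trusted(name):
                attrs[name[len(prefix):]] = response["openid." + name]

    # Attribute Exchange: openid.<alias>.type.<n> = type URI, plus either
    # openid.<alias>.value.<n> or openid.<alias>.count.<n> with value.<n>.1..N
    for alias in _aliases_for(response, AX_NS, signed, signed_only):
        type_prefix = f"{alias}.type."
        for name in names:
            if not (name.startswith(type_prefix) and trusted(name)):
                continue
            short = name[len(type_prefix):]
            type_uri = response["openid." + name]
            count_name = f"{alias}.count.{short}"
            if count_name in names:
                if not trusted(count_name):
                    continue
                try:
                    count = int(response["openid." + count_name])
                except ValueError:
                    continue
                value_names = [f"{alias}.value.{short}.{i}" for i in range(1, count + 1)]
                if all(v in names and trusted(v) for v in value_names):
                    attrs[type_uri] = [response["openid." + v] for v in value_names]
            else:
                value_name = f"{alias}.value.{short}"
                if value_name in names and trusted(value_name):
                    attrs[type_uri] = response["openid." + value_name]
    return attrs


def unsigned_attributes(response):
    """Names of attributes present in the response that the signature does not cover."""
    return sorted(set(get_attributes(response)) - set(get_attributes(response, signed_only=True)))


# Constructed id_res parameters: the OP signed the AX email and sreg.nickname
# but left sreg.fullname out of openid.signed, so fullname must not be trusted.
SAMPLE_ID_RES = {
    "openid.ns": "http://specs.openid.net/auth/2.0",
    "openid.mode": "id_res",
    "openid.op_endpoint": "https://op.example/endpoint",
    "openid.claimed_id": "https://op.example/user/alice",
    "openid.identity": "https://op.example/user/alice",
    "openid.return_to": "https://rp.example/login",
    "openid.response_nonce": "2009-01-01T00:00:00ZUNIQUE",
    "openid.assoc_handle": "handle-1",
    "openid.ns.ext1": AX_NS,
    "openid.ext1.mode": "fetch_response",
    "openid.ext1.type.email": "http://axschema.org/contact/email",
    "openid.ext1.value.email": "alice@example.org",
    "openid.ns.sreg": SREG_NS,
    "openid.sreg.nickname": "alice",
    "openid.sreg.fullname": "Alice Example",
    "openid.signed": ("op_endpoint,claimed_id,identity,return_to,response_nonce,"
                      "assoc_handle,ns.ext1,ext1.mode,ext1.type.email,ext1.value.email,"
                      "ns.sreg,sreg.nickname"),
    "openid.sig": "BASE64SIG==",  # placeholder; verification happens before this step
}

if __name__ == "__main__":
    print(get_attributes(SAMPLE_ID_RES))
    print(get_attributes(SAMPLE_ID_RES, signed_only=True))
    print(unsigned_attributes(SAMPLE_ID_RES))  # ['fullname']
```

The namespace binding (openid.ns.<alias>) is treated as part of what must be signed when signed_only is set, because the spec lets the OP choose any alias; accepting an unsigned binding would let an unsigned copy of the extension parameters be accepted alongside the signed one. unsigned_attributes() gives the relying party the "which attributes are signed" view the report asks for, so it can log or reject responses where values it depends on were left out of the signature.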