MDL Shield
Security-First Code Reviews

Ship Secure Moodle™ Plugins With Confidence

Expert security code reviews for Moodle™ plugin developers. Catch vulnerabilities before your users do, protect the institutions that rely on your code, and build a reputation for secure, trustworthy plugins.

View Sample Report
Security Best Practices
Moodle-Specific Checks
Actionable Fix Guidance
Vulnerablereport_filter.php
1234
<?php$query = "SELECT * FROM" . " {user} WHERE id = " . $_GET["id"];
Securereport_filter.php
1234
<?php$user = $DB->get_record( 'user', ['id' => $id]);

What We Review

Thorough security analysis tailored to the Moodle ecosystem.

Moodle-Native Security
Purpose-built for the Moodle ecosystem. We understand capabilities, sesskeys, the $DB API, and the patterns that make Moodle plugins secure — or vulnerable.
Find Issues First
Catch vulnerabilities before they're exploited. Protect the institutions relying on your plugin and your reputation as a developer.
Full Source Audit
Every PHP, JavaScript, and template file is examined in context — not pattern matching, but a thorough line-by-line review of your entire codebase.
Access Control Analysis
Verify your capability checks, role assignments, and permission handling follow Moodle patterns and are applied consistently across all entry points.
Security Badge
Published reviews earn a security grade badge you can display on the Moodle plugin directory, your Git repository, or your own website.
You Control Publication
Review results are yours. You decide if and when they go public. We never publish without your explicit consent.

How It Works

A streamlined process designed to get your plugin reviewed and secured as quickly as possible.

01

Verify Ownership

Sign up and verify that you maintain the plugin. We already track every plugin in the Moodle directory — just confirm it's yours.

02

Run a Scan

Initiate a security review from your dashboard. Our AI-powered analysis examines every file in your plugin, tuned specifically for Moodle security patterns.

03

Review Findings

Receive a detailed report with severity ratings, code snippets, file locations, and clear fix guidance for every issue found.

04

Publish & Badge

Fix any issues, re-scan to confirm, and publish your results when ready. Earn a security badge to show on the plugin directory, GitHub, or your website.

Simple, Transparent Pricing

AI-powered analysis built for the Moodle ecosystem. Free for open source, with optional expert verification.

Community
Free
For non-commercial plugins listed in the Moodle plugins directory
  • AI-powered security analysis
  • Moodle-specific vulnerability detection
  • Detailed report with fix guidance
  • Severity ratings included
  • Verification badge for your plugin
  • 4 reviews per month
For Commercial Plugins
Verified Review
Contact Us
Human-verified findings for production plugins
  • Everything in Community, plus:
  • Expert human verification of all findings
  • False positive elimination
  • Priority support
  • 10 reviews per plugin
Submit Plugin

Frequently Asked Questions

Common questions from plugin developers.