MDL Shield
Security-First Code Reviews

Ship Secure Moodle™ Plugins With Confidence

Expert security code reviews for Moodle™ plugin developers. Catch vulnerabilities before your users do, protect the institutions that rely on your code, and build a reputation for secure, trustworthy plugins.

24.5k+
Files Scanned
6.0M+
Lines Reviewed
901
Findings Surfaced
209
Security Issues Found
Audit Your PluginView Sample Report
Security Best Practices
Moodle-Specific Checks
Actionable Fix Guidance
Vulnerablereport_filter.php
1234
<?php$query = "SELECT * FROM" . " {user} WHERE id = " . $_GET["id"];
Securereport_filter.php
1234
<?php$user = $DB->get_record( 'user', ['id' => $id]);

What We Review

Thorough security analysis tailored to the Moodle ecosystem.

Moodle-Native Security
Purpose-built for the Moodle ecosystem. We understand capabilities, sesskeys, the $DB API, and the patterns that make Moodle plugins secure — or vulnerable.
Find Issues First
Catch vulnerabilities before they're exploited. Protect the institutions relying on your plugin and your reputation as a developer.
Full Source Audit
Every PHP, JavaScript, and template file is examined in context — not pattern matching, but a thorough line-by-line review of your entire codebase.
Access Control Analysis
Verify your capability checks, role assignments, and permission handling follow Moodle patterns and are applied consistently across all entry points.
Security Badge
Published reviews earn a security grade badge you can display on the Moodle plugin directory, your Git repository, or your own website.
You Control Publication
Review results are yours. You publish community reviews when you choose; repository and pre-release reviews stay private.

How It Works

A streamlined process designed to get your plugin reviewed and secured as quickly as possible.

01

Verify Ownership

Sign up and verify that you maintain the plugin. We already track every plugin in the Moodle directory — just confirm it's yours.

02

Run a Scan

Initiate a security review from your dashboard. Our AI-powered analysis examines every file in your plugin, tuned specifically for Moodle security patterns.

03

Review Findings

Receive a detailed report with severity ratings, code snippets, file locations, and clear fix guidance for every issue found.

04

Publish & Badge

Fix any issues, re-scan to confirm, and publish your results when ready. Earn a security badge to show on the plugin directory, GitHub, or your website.

Simple, Transparent Pricing

AI-powered analysis built for the Moodle ecosystem. Two free reviews a month for community plugins, then pay-as-you-go credits for everything else.

Community
Free
For non-commercial plugins listed in the Moodle plugins directory
  • AI-powered security analysis
  • Moodle-specific vulnerability detection
  • Detailed report with fix guidance
  • Severity ratings included
  • Embeddable security grade badge
  • 2 free reviews per month
  • Top up with extra reviews any time
Get Started
Pay As You Go
AI Review Credits
$25/review
Adds one additional AI review to your account.
  • Community plugins beyond the free quota
  • Commercial plugins
  • Anything not listed in the Moodle plugins directory
  • Review plugins from private repositories
  • Credits never expire
Buy Credits
Custom Solutions
Contact Us
Tailored solutions for Hosting Providers, LMS Integrators, and institutions.
  • Site Audit: whole-install review
  • Optional Moodle core diff review
  • Custom work and integrations
Contact Sales
See full pricing details →

Frequently Asked Questions

Common questions from plugin developers.