Skip to main content
WP HealthKit

PHPCS

PHP_CodeSniffer (PHPCS) is a tool that detects violations of coding standards in PHP code, with WordPress-specific rulesets that enforce security and style conventions.

How it works

PHPCS analyses PHP source code against a set of rules (called 'sniffs') and reports violations. The WordPress Coding Standards (WPCS) ruleset includes security-focused sniffs that check for proper escaping, sanitization, and nonce usage — the same checks the WordPress.org plugin review team applies manually.

In WordPress

Running PHPCS with the WordPress standard is effectively a pre-submission review. WP HealthKit runs PHPCS automatically as one of its 17 verification layers and reports a coding standards score from 0-100.

WP HealthKit checks for PHPCS-related vulnerabilities automatically

Run a Free Audit
What Is PHPCS? PHP CodeSniffer Explained for WordPress Development | WP HealthKit