User blog comment:DaNASCAT/Technical Update: September 9, 2015/@comment-1158325-20150915193819/@comment-5590118-20150915202823

This is very true.

On multiple occasions I have found prominent exploits in scripts that were either new or were in heavy use across Wikia.

A script review process for Dev wiki would definitely help weed out any accidental or malicious security holes in scripts.

While I do have a habit of finding and fixing security issues (and I am sure others do as well) the fact of the matter is that we tend to discover them after the code has gone live which could mean that the damage has already been done.