WordPress.org host most GPL based Themes, but we use lots theme from different source. And stories are sometime true, some WordPress theme really contains risky code and malicious code which might be harmful. So it would be better if we could test Theme Authenticity somehow.
TAC(Theme Authenticity Checker) is a WordPress Plugin, TAC stands for Theme Authenticity Checker. Currently, TAC searches the source files of every installed theme for signs of malicious code. If such code is found, TAC displays the path to the theme file, the line number, and a small snippet of the suspect code. As of v1.3 TAC also searches for and displays static links.
Then what do you do? Just because the code is there doesn’t mean it’s not supposed to be or even qualifies as a threat, but most theme authors don’t include code outside of the WordPress scope and have no reason to obfuscate the code they make freely available to the web. We recommend contacting the theme author with the code that the script finds, as well as where you downloaded the theme.
The real value of this plugin is that you can quickly determine where code cleanup is needed in order to enjoy your theme.
Download TAC (Current, v 1.4)