Feedback from using the new plugin check #534

@Zodiac1978

Description

There is a new plugin for checking plugins:
https://wordpress.org/plugins/plugin-check/
https://github.com/10up/plugin-check

I have checked ASB with it and got some issues:

```
WordPress.Security.NonceVerification.Recommended Line 83 of file inc/columns.class.php.
Processing form data without nonce verification.
$orderby = isset( $_GET['orderby'] ) ? sanitize_text_field( wp_unslash( $_GET['orderby'] ) ) : '';

WordPress.Security.NonceVerification.Recommended Line 108 of file inc/columns.class.php.
Processing form data without nonce verification.
$spam_reason = isset( $_GET['comment_spam_reason'] ) ? sanitize_text_field( wp_unslash( $_GET['comment_spam_reason'] ) ) : '';

WordPress.Security.NonceVerification.Recommended Line 133 of file inc/columns.class.php.
Processing form data without nonce verification.
$spam_reason = isset( $_GET['comment_spam_reason'] ) ? sanitize_text_field( wp_unslash( $_GET['comment_spam_reason'] ) ) : '';

WordPress.Security.NonceVerification.Recommended Line 240 of file antispam_bee.php.
Processing form data without nonce verification.
if ( ! empty( $_GET['comment_status'] ) && 'spam' === $_GET['comment_status'] && ! self::get_option( 'no_notice' ) ) {

WordPress.Security.NonceVerification.Recommended Line 549 of file antispam_bee.php.
Processing form data without nonce verification.
return ( ! empty( $_GET['page'] ) && 'antispam_bee' === $_GET['page'] );

WordPress.WP.AlternativeFunctions.file_system_read_file_put_contents Line 2429 of file antispam_bee.php.
File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: file_put_contents().
file_put_contents(

WordPress.WP.AlternativeFunctions.strip_tags_strip_tags Line 2605 of file antispam_bee.php.
strip_tags() is discouraged. Use the more comprehensive wp_strip_all_tags() instead.
$content = strip_tags( stripslashes( $comment['comment_content'] ) );

WordPress.WP.AlternativeFunctions.strip_tags_strip_tags Line 2626 of file antispam_bee.php.
strip_tags() is discouraged. Use the more comprehensive wp_strip_all_tags() instead.
strip_tags( $post->post_title )

WordPress.WP.AlternativeFunctions.strip_tags_strip_tags Line 2630 of file antispam_bee.php.
strip_tags() is discouraged. Use the more comprehensive wp_strip_all_tags() instead.
( empty( $comment['comment_author'] ) ? '' : strip_tags( $comment['comment_author'] ) )
```
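The three classes of finding above (nonce verification on `$_GET` input, `strip_tags()` versus `wp_strip_all_tags()`, and direct `file_put_contents()` versus `WP_Filesystem`) are usually resolved with the patterns below. This is an added example, not code from the issue or from Antispam Bee; the `asb_example_` function names, the nonce action and query-arg names, the capability check and the list of allowed sort columns are assumptions made for illustration. Whether a given ASB line is a state-changing request (needs a nonce) or a read-only display parameter (sanitize, validate against a whitelist, and mark the sniff as not applicable) is a call the maintainers make per line.

```php
<?php
/**
 * Added example, not Antispam Bee's code. Names prefixed asb_example_ are hypothetical.
 * Requires WordPress to be loaded (admin context).
 */

// 1a. State-changing request: the link carries a nonce and the handler verifies
//     it (plus capability) before touching anything else in $_GET.
function asb_example_spam_action_url( $comment_id ) {
	$comment_id = absint( $comment_id );
	$url        = add_query_arg(
		array(
			'action'     => 'asb_example_mark_spam',
			'comment_id' => $comment_id,
		),
		admin_url( 'edit-comments.php' )
	);
	// Action is bound to the comment id so a nonce for one comment cannot be reused for another.
	return wp_nonce_url( $url, 'asb_example_mark_spam_' . $comment_id, '_asb_nonce' );
}

function asb_example_handle_spam_action() {
	if ( ! isset( $_GET['action'], $_GET['comment_id'] ) || 'asb_example_mark_spam' !== $_GET['action'] ) {
		return;
	}
	$comment_id = absint( $_GET['comment_id'] );
	// check_admin_referer() validates the nonce in $_GET['_asb_nonce'] and
	// calls wp_die() with a 403 if it is missing, expired or forged.
	check_admin_referer( 'asb_example_mark_spam_' . $comment_id, '_asb_nonce' );
	if ( ! current_user_can( 'moderate_comments' ) ) {
		wp_die( esc_html__( 'Insufficient permissions.', 'asb-example' ) );
	}
	wp_set_comment_status( $comment_id, 'spam' );
}

// 1b. Read-only display parameter (list-table sorting, "which screen am I on"):
//     no state changes, so the usual resolution is to sanitize, validate against
//     a whitelist and tell PHPCS that the nonce sniff does not apply here.
function asb_example_current_orderby() {
	// phpcs:ignore WordPress.Security.NonceVerification.Recommended -- read-only sort parameter, whitelisted below.
	$orderby = isset( $_GET['orderby'] ) ? sanitize_key( wp_unslash( $_GET['orderby'] ) ) : '';
	$allowed = array( 'comment_date', 'comment_author', 'spam_reason' ); // assumed column set
	return in_array( $orderby, $allowed, true ) ? $orderby : 'comment_date';
}

// 2. wp_strip_all_tags() removes the contents of <script> and <style>
//    elements as well as the tags; strip_tags() only removes the tags and
//    leaves the script/style body behind as plain text.
function asb_example_plain_text( array $comment ) {
	$content = wp_strip_all_tags( stripslashes( $comment['comment_content'] ), true );
	$author  = empty( $comment['comment_author'] ) ? '' : wp_strip_all_tags( $comment['comment_author'] );
	return array(
		'author'  => $author,
		'content' => $content,
	);
}

// 3. WP_Filesystem honours the filesystem method configured for the site
//    (direct, ftpext, ssh2, ...) and its credentials instead of writing as the
//    PHP process user. Returns false if the filesystem cannot be initialised.
function asb_example_write_file( $path, $contents ) {
	global $wp_filesystem;
	if ( ! function_exists( 'WP_Filesystem' ) ) {
		require_once ABSPATH . 'wp-admin/includes/file.php';
	}
	if ( ! WP_Filesystem() ) {
		return false;
	}
	// FS_CHMOD_FILE is defined by WP_Filesystem() from the site's own file permissions.
	return $wp_filesystem->put_contents( $path, $contents, FS_CHMOD_FILE );
}

// Usage (admin hook); the handler is a no-op unless the hypothetical action is requested.
add_action( 'admin_init', 'asb_example_handle_spam_action' );
```

The split in part 1 is the one PHPCS itself assumes: the `Recommended` sniff fires on every `$_GET` read, but a nonce only adds protection where the request changes state, which is why the list-table and `$_GET['page']` cases are normally handled with sanitization plus a whitelist and an explicit `phpcs:ignore`, while anything that modifies a comment goes through `check_admin_referer()`.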
