Here is my wish list that I think every module should have;

1. Be cloneable - since you are the author it would be extremely easy for your to point out what needed to change for the module to be cloned.

Feel free to add yours.

2. Be Compliant - Module output should meet atleast W3C standards.

(I know, I know - Creates a lot more work... but it would speak bounds about the quality of the cms if the developers took this into mind before publishing a module.)

I second both of the above and add the following...

3. Use SEF URLs. - Like this
.../modules/blog/archives/site-updates-and-more/

4. Consistent Editor Options - 1 Extended DHTML editor and 1 WYSIWYG Editor. Keep it simple and fine tune it.

5. Captcha! - Need I say more?

EDIT: This post went on a diet and lost a few pounds of fluff.

* Be audited by a knowledgeable person to ensure all input/sql queries are properly validated (ie. security).

* Have well-documented/commented code.

* Use meaningful variable names so that other people can UNDERSTAND what the code is about.

Quote:

Actually if mod devs used the XOOPS API properly then this wouldn't be necessary as any security holes would effect all mods and therefore be fixable by a change to the XOOPS core.

This form of third party acreditation that you hint at isn't going to work in an open source environment unless we can find that one person in the world who is interested in taking on such an onerous task (vetting all modules being developed line by line) for free!

There are a few earlier suggestions and indeed sme work has been already done on providing a quality assurance framework for module development (search the archives). Most or all have failed because there is not the collective will to impose it (e.g. a XOOPS Acredited Module stamp) nor the brave souls to take it on and run it. Most acreditation schemes I know of come with a bill, precisely because it does take a deal of effort by someone to do the work.