@Ipstenu "We have yet to manage to do it in a way that didn't net a bajillion false positives that we have to look at them all manually anyway :/ "
Nope. Purely objective reports.
Have PHP error logging set to maximum, use software to count each category of error, report the findings. Already includes obsolete WordPress functions, obsolete PHP functions, syntax errors, mismatched variable types, uninitialized variables, and more.
Look for occurrences of the most common MySQL function calls (instead of WordPress database functions), report the number.
Get a list of tables after adding a new site (single MySQL query). Software subtract the list of tables started with. Report the difference (or maybe a little more secure, the # tables).
Another test: Any plugin using wp_ instead of the actual table prefix, isn't programmed well.
Similarly, # rows in [tableprefix]_options before and after (shouldn't change, plugins should use [tableprefix]_[siteid]_options).
Show the whole list in a new tab in the Repository, for each version, and watch plugin authors clean up their act!