Please add malware and phishing checks as part of the “Broken Link Checker”. Periodically checking post and comment links for malicious targets would add great value to the plugin and it’s easy to implement.
Phishtank provides a free downloadable database that checks can be run against. It doesn’t cover malware but the database can be downloaded before the periodic link checks, and should be much quicker than using an API dependant remote service.
Google Safe Browsing API is provided free of charge. You send in a URL and get back info about whether the URL is believed to be clean, used for phishing, distributes malware, or otherwise unsafe.
Unsafe URLs should probably be unlinked automatically (for example by commenting out the a element and otherwise leaving things unchanged) to preserve the website’s reputation and keep visitors safe. These links aren’t just “broken” but unsafe.
An existing plugin (GPLv2 licensed) checks Google Safe Browsing on every page load, but this is very bad for performance. The plugin also only checks links found in comments. I thought about expanding that plugin to cover post links as well, but I prefer to check links periodically the way Broken Link Checker works due to the performance issues related to checking them anew on every page load.
https://github.com/jawittdesigns/wp-unsafe-comment-links