Links are dead. If you keep your Wordpress updated and plugins updated.. your pretty good. Unless you have holes in your server and PHP config settings... Which this probably wouldnt spot, since that has nothing to do with wordpress..
Good Idea, just checking the wrong things and giving people a false sense of "security".
The only large and dangerous exploit with Wordpress was the TimThumb exploit. However, that has been patched for a while, and the only people infected are those who haven't updated or are still using plugins/themes from over a year (maybe 2) ago...
You need to be checking if the server is remote include, remote fopen, safemode on (despite what it is called, safemode should be OFFFF), register globals OFF, and a few other i can't think of quickly off the top of my head. I would have to skim down through my php.ini lol