Security auditing and response

Rationale
Insecure code sucks :-)

Review queue

 * Twig (for use with Fundraiser code)
 * User Metrics API
 * Wikibase client LinkItem
 * Limn
 * Kraken

This list may not be complete (possibly due to oversight, possibly due to security reasons for not putting this out there), and may not be in priority order.