Oxymoron, right? Well, for somebody who loves Perl so much, it is. Anyway, here it is...
echo '<?php phpinfo(); ?>' | php5
http://developer.spikesource.com/projects/phpsecaudit/
sudo apt-get install php5-xslt
Small list of checked expressions, quite difficult to browse.
http://pixybox.seclab.tuwien.ac.at/pixy/
Enables taint analysis of code. Doesn't handle ISO-8859-2 chars well, and breaks with a terrifying error, but it's a very promising tool (in Java, sigh).
Great tool to get PHP's AST tree. Used by Plumhead.