diff --git a/.gitignore b/.gitignore index c03821a..f0da555 100644 --- a/.gitignore +++ b/.gitignore @@ -3,6 +3,8 @@ /vendor/ .php-cs-fixer.cache .php-cs-fixer.php +.phpmd.result-cache.php +.phpmd.xml composer.lock phpcs.xml phpdoc.xml diff --git a/.phpmd.dist.xml b/.phpmd.dist.xml new file mode 100644 index 0000000..364702c --- /dev/null +++ b/.phpmd.dist.xml @@ -0,0 +1,41 @@ + + + + Open Culture Consulting follows PHP Mess Detector standards. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/README.md b/README.md index d6df609..8d7be45 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ ***A collection of generic classes and useful traits for PHP projects.*** -The package currently contains classes for [type-sensitive data structures](src/DataStructures/), [error and exception handlers](src/ErrorHandlers/), multiple [traits implementing standard interfaces](src/Interfaces/), and more generic [traits for common use cases](src/Traits/). They share the same design principles like property and method naming schema, highest coding standards of [PHPStan](https://phpstan.org/) and [Psalm](https://psalm.dev/), and full [PSR-12](https://www.php-fig.org/psr/psr-12/) compliance to make sure they can be combined and easily used in other projects. +The package currently contains classes for [type-sensitive data structures](src/DataStructures/), [error and exception handlers](src/ErrorHandlers/), multiple [traits implementing standard interfaces](src/Interfaces/), and more generic [traits for common use cases](src/Traits/). They share the same design principles like property and method naming schema, highest coding standards of [PHPStan](https://phpstan.org/), [Psalm](https://psalm.dev/), [PHP Mess Detector](https://phpmd.org/), [PHP_CodeSniffer](https://github.com/PHPCSStandards/PHP_CodeSniffer/), and full [PSR-12](https://www.php-fig.org/psr/psr-12/) compliance to make sure they can be combined and easily used in other projects. ## Quick Start 
diff --git a/composer.json b/composer.json
index a73f097..33d1f88 100644
--- a/composer.json
+++ b/composer.json
@@ -44,6 +44,7 @@
 "require-dev": {
 "phpdocumentor/shim": "^3.5",
 "phpstan/phpstan": "^1.11",
+ "phpmd/phpmd": "^2.15",
 "phpstan/phpstan-strict-rules": "^1.6",
 "friendsofphp/php-cs-fixer": "^3.59",
 "squizlabs/php_codesniffer": "^3.10",
@@ -72,11 +73,18 @@
 "phpdoc:build": [
 "@php vendor/bin/phpdoc"
 ],
+ "phpmd:check": [
+ "@php -r \"if (!file_exists('./.phpmd.xml')) { copy('./.phpmd.dist.xml', './.phpmd.xml'); }\"",
+ "@php vendor/bin/phpmd src/ ansi .phpmd.xml --cache --ignore-violations-on-exit"
+ ],
 "phpstan:check": [
 "@php vendor/bin/phpstan"
 ],
 "psalm:check": [
 "@php vendor/bin/psalm"
+ ],
+ "psalm:check-security": [
+ "@php vendor/bin/psalm --taint-analysis"
 ]
 },
 "scripts-descriptions": {
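Review bot: The new `phpmd:check` script passes `--ignore-violations-on-exit`, so PHPMD exits with code 0 even when it reports violations and the script can never fail a CI job or pre-commit hook. The neighbouring `phpstan:check` and `psalm:check` entries pass no comparable flag. If the check is meant to gate, drop the flag: `"@php vendor/bin/phpmd src/ ansi .phpmd.xml --cache"`. If it is meant to be advisory only, say so in the script's description so that a green run is not read as a clean result. The `scripts` object begins outside this hunk, so any CI wiring is not visible here.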
@@ -84,7 +92,9 @@
 "php-cs-fixer:fix": "Runs a code check with PHP Coding Standards Fixer and tries to fix all issues. If a custom configuration file '.php-cs-fixer.php' exists, it will be used instead of the default settings in '.php-cs-fixer.dist.php'.",
 "phpcs:check": "Runs a code check with PHP_CodeSniffer and reports problems. If a custom configuration file '.phpcs.xml' exists, it will be used instead of the default settings in '.phpcs.xml.dist'.",
 "phpdoc:build": "Builds the documentation from source files in ./src and additional templates in .phpdoc/. If a custom configuration file 'phpdoc.xml' exists, it will be used instead of the default settings in 'phpdoc.dist.xml'.",
+ "phpmd:check": "Runs a code check with PHP Mess Detector static code analyzer and reports problems. If a custom configuration file '.phpmd.xml' exists, it will be used instead of the default settings in '.phpmd.dist.xml'.",
 "phpstan:check": "Runs a code check with PHPStan static code analyzer and reports problems. If a custom configuration file 'phpstan.neon' exists, it will be used instead of the default settings in 'phpstan.dist.neon'.",
- "psalm:check": "Runs a code check with Psalm static code analyzer and reports problems. If a custom configuration file 'psalm.xml' exists, it will be used instead of the default settings in 'psalm.xml.dist'."
+ "psalm:check": "Runs a code check with Psalm static code analyzer and reports problems. If a custom configuration file 'psalm.xml' exists, it will be used instead of the default settings in 'psalm.xml.dist'.",
+ "psalm:check-security": "Runs a code check with Psalm static code analyzer and reports security issues. If a custom configuration file 'psalm.xml' exists, it will be used instead of the default settings in 'psalm.xml.dist'."
 }
 }
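Review bot: The `phpmd:check` description does not match what the script in the previous hunk does. That script copies `.phpmd.dist.xml` to `.phpmd.xml` on the first run and always analyses with the copy, and `.phpmd.xml` is gitignored by this commit. Every checkout therefore ends up with a local ruleset that silently stops following later changes to the shipped default. I would extend the description with something like `On first run '.phpmd.dist.xml' is copied to '.phpmd.xml'; delete the copy to pick up later changes to the default ruleset.` Alternatively, the script could select the file at run time instead of copying it.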