Where are you downloading the Writr template from?
Here?
What antivirus are you running?
I don't know what the security is like on that GitHub repository - I suspect, given the author, that access and key control is Best Practise (though SHA2 checksums don't seem to be used). I
do trust the author of that plugin to write and ensure contributed code is secure - if that helps.
You can always download, install, and use a static PHP tester (like RIP), or try OWASP Zed Attack Proxy which tests the all the code in a live DokuWiki if you want to do some, limited, testing to satisfy yourself.