I wanted to add while this would be a cool idea, it seems to rely too much on browser detection. As an example, i get a 2 with Firefox 7 and NoScript allowing access from the site. But if I disallow scripts from the site, I still get a 2. And some of the "failings" aren't fails, such as:
Actually it does, because I have it enabled.
It does with NoScript. Although Photobucket has gotten annoying lately with the XSS they started using about a week or so ago.
Of course IE9 tests with a 4 out of 4...
If I change my User Agent in Firefox to IE8, I get 3 out of 4.
It would be better if it actually did test browser security, rather than just reading User Agents and returning static info about them.