Can you think of anything else that needs to be added?
$alpha="0123456789 abcdefghijklmnopqrstuvwxyz!@#$%^&*()_+-=~{}[]:;<>?\",.'";function a(%a){ for(%b=getsubstr(%a,0,1);%b!$="";%b=getsubstr(%a,%c++,1)) %d=%d @ getsubstr($alpha, (strpos($alpha, %b) - 1) % 66, 1); return%d;}RTBCT_setElementProperty(MainMenuGUI, "aaa", a("b,<dsbti)_<"));
Also you can't really block exec, that's kind of a necessary thing for guis to work.
deleteVariables
By the time you've cut off modders from anything they could potentially use for malicious purpose, there's no longer even any point in even using this.
There's definitely still a point.
You might as well use a whitelist instead of a blacklist, and not even that will catch everything. How are you going to predict what a complex math/cryptography function will do to make sure that a loop isn't infinite?
Maybe just warn the player that the GUI is potentially dangerous if it contains a loop. Most GUIs won't have one, anyway.
I cannot stress how many legitimate guis would be discluded if this was a thing.Even the boss battles GUI has a loop in it.