It looks for keywords. At the moment, anything relating to admin privileges, key.dat, Eval, TCPObjects. More is to come, and I'm open to suggestions.
As far as I know, there's no way to actually get admin priviledges in TS, as it's merely an in-game language. TCPObjects have legitimate uses, so that shouldn't be an automatic disqualification. I can honestly say I haven't seen a single case where eval is actually necessary, so yeah that's fine to block. What you should block is stuff like
setKeyDat, all the different secureclientcmds,
crash();, stuff like that
Passwords are salted with a unique salt and then hashed.
Very good, thumbs up
Two concerns: 1. when I try to log in, it makes me authenticate to make sure I'm not a robot. Is this really necessary?
2. Tried to upload addon, got this:
when I went to look at the addon page, it said it detected malicious code, however when it was reviewing it it said there was none detected. What's going on there?