This page explains what “verified” Luarmor scripts are. This feature is optional, and you do not have to opt-in as a script developer.
Making requests to unknown external URLs
ip-api.com
whatismyip.com
Sending sensitive user information to webhooks / URLs
Code loading
loadstring
or any similar mechanism (e.g., a Lua VM, require
) with external & unpredictable sources like Pastebin, GitHub, or any other URL.Keep in mind that you can still use these functions if you are loading the code from a local source (e.g., readfile
, in-game modules) or a string that’s hard coded in your script. In some cases, public & known libraries will be allowed through URLs.Creating & writing files
Potentially malicious code
Stealers
Obfuscated behavior
getfenv
, _G
, getrenv
, or similar environment functions/tables, obfuscated code, encrypted strings), your submission will be rejected.Through the site
The script ID within the loadstring
Through the loadstring URL
/verified/
in it. If you see it, it means that script is a legitimate loader verified by Luarmor. If you don’t see it, you can still lookup its ID on check page just to make sure.`/verified/` inside the URL for the loadstring