# Verified / Safe Scripts ## For script developers: {% hint style="info" %} **Verified** scripts require manual approval by Luarmor owner. **Source code will be reviewed** by owner and deleted from our systems after obfuscation. **Your data will be anonymized** and reviewer will not see who submitted the script. This will ensure that script does not contain any malware or potentially dangerous code (e.g stealers, rats, ip loggers, reflective code loaders etc..) {% endhint %} {% hint style="warning" %} Once you enable Verified mode, you **can not** turn it off due to safety reasons. *(e.g if your Luarmor account gets hacked, bad actors **will not** be able to replace your already existing script to a malicious one without approval)* {% endhint %} ### Rules & Limitations: You will not be able to use certain functions and APIs in your code to ensure 100% safety of your users. Using these functions will result in rejection of your script update request. It will not count from obfuscation. * **Making Requests to Unknown External URLs:** E.g ip-api.com, whatismyip.com or any other site that could be used to obtain information about client is not allowed. * **Sending Sensitive User Information to Webhooks / URLs:** You are not allowed to send IP addresses / cookies of your users to webhooks or other URLs. You can still send other stuff like in-game stats, usernames etc. as long as they are not sensitive. * **Code Loading:** You will not be able to use **loadstring** or any similar mechanism (e.g a lua VM, **require**) with external & unpredictable sources like pastebin, github, or any other URL.\ Keep in mind that **you can still use these functions** if you are loading the code from a local source (e.g readfile, in-game modules) or a string that's hard coded in your script. In some cases, public & known libraries will be allowed through URLs. * **Creating & Writing Files:** You are allowed to write or create files as long as their content is not retrieved from an external & unpredictable source. Also file content must not be malicious or remotely changeable. * **Potentially Malicious Code:** You are not allowed to abuse vulnerabilities within the platform to gain unauthorized access to outside of Luau sandbox. (e.g ACE/RCEs, PC username grabbers, Browser URL openers, RATs, Token loggers etc..) * **Stealers:** Pet stealers, gem stealers, auto traders, robux stealers, cookie stealers etc. are not allowed in Verified scripts. * **Obfuscated Behavior:** If your script contains obfuscated or unpredictable code *(e.g accessing functions through runtime-generated names via getfenv, \_G, getrenv or similar environment functions/tables, obfuscated code, encrypted strings)* your submission will be rejected. New rules / limitations can be added anytime without notification. Existing rules will not be removed. {% hint style="success" %} **Verification** process usually takes less than 30 minutes depending on queue size and availability of the admin. In some cases, it might take up to 12-24 hours due to timezone differences or other reasons. You can check how long it will take on dashboard while creating/editing a script. {% endhint %} {% hint style="success" %} **Your raw script** will be seen by only one person (Federal) and will not be shared. It will be automatically deleted as soon as it is reviewed. **Your data will be anonymized** and reviewer will not see who submitted the script. {% endhint %} ## For script users: If a script is "verified", it means it has been reviewed by a human before publishing, and does not contain malicious code. {% hint style="danger" %} Keep in mind that **verified scripts** do not guarantee quality, we do not test the script in game. We only check it for malwares or loggers. Once they are confirmed to be free of malware, they get published. {% endhint %} ### **How to check if a script is actually Verified?** {% hint style="success" %} You can check if a script is verified through our **Script Checker** page. Copy and paste the script ID into search bar and you will see certain security features of the script if it has been verified. {% endhint %}
{% hint style="info" %} You can **also** check if loader URL has "/verified/" in it. If you see it, it means that script is a legitimate loader verified by Luarmor. **If you don't see it**, you can still lookup its ID on check page just to make sure. {% endhint %}

cdn.luarmor.net is also a safe domain.

{% hint style="warning" %} It is your responsibility to make sure that your loader & script IDs are legitimate. Check the domain (luarmor.net) before proceeding. External loader sources (github.com, pastebin.com, or custom URLs) might contain other scripts. {% endhint %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.luarmor.net/verified-safe-scripts.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.