When a resource is posted within #resources, users of the DevForum should be able to trust it entirely. This means that the hosting security, encryption, etc of that resource should be up to scratch.
For those which are insecure, there should be a specific rule we can flag for so users can be kept safe.
Say that our bank details are stored within their database without sufficient encryption, we should be able to flag that for being inappropriate. If there’s a rule which already covers this, please let me know.
I agree. Once I had seen an admin commands model which was contacting Synapse X. However, this post was flagged and then locked and unlisted. I think this is already a rule. However, a feedback message isn’t enough. These users should get suspended.
I can understand why you would want that, however, it would be hard (or impossible) to enforce in certain cases. Now for completely open source resources this is possible to enforce. The problem with this however, is when it is dependent on an online service which is closed source (or really any online service, no way to tell if it was modified from the published source). You have no way of knowing until it’s too late in many cases.
Not to mention that even the (very few) resources that require payment, if there are any of those left even, any payment information is usually handled by a third party such as Stripe or PayPal, so neither you nor the website operator can be 100% sure that your information is secure.
Also with the bank account example, if it’s asking for your bank number, don’t type it in, chances are it is not trustworthy at all.
Then there’s the question of how much extra load this adds on regarding moderation (I hope it isn’t that much but I can’t be certain).
I’m aware you can flag, and this was mostly to address OP’s points (when I meant paid resources I meant services/other resources that appear in google search results, I should have specified that). But this still doesn’t solve the issue regarding online services.
Note: I brought up this because it’s still a problem regarding what I’ve brought up, but the main issue can’t really be fit into the rules now (unless externally-hosted resources aren’t currently allowed?)
(Thought it was Terabyte Services at first but I realized it was something else and I can’t remember what it was called)
This was already brought up, this was just to address the OP’s point
The main issue for me here is just overall security, especially since some online services have access to your game because they need it for some reason.