I’m going to add on what the other guy said, exploiters can only change Client Sided scripts NOT server sided scripts, so if you were to store the magAmmo variable in a server sided service exploiters will not be able to change it (unless they literally hack into the roblox servers). This is why you almost never trust the client.
Yes. The WeaponInfo script is server sided. Camera is client side. To repeat what others have said, the client cannot change the server script, but they can change the client script since that does run on the client.