If you are unsure of what can be seen by Server and Client you can simply “Start Test Server” and observe the explorer you will know exactly what is accessible by whom.
Very informative thread, have a read and it should cure your concerns.
My advice is let go of what ever is exposed to the Client, you aren’t in control of the security, Roblox is and I doubt that they would do something about.