As a Roblox developer, it is currently too hard to differentiate plugins and assets that are malicious from ones that are not.
Over the past year, we have seen thousands of malicious plugins appear on Roblox. Users are creating groups named after well-known devs and are uploading malicious content under them.
This is a huge issue as it’s impossible to tell if the plugin is the real deal without doing some research.
There are many new developers out there that don’t notice these plugins aren’t real and end up with malicious code in their games.
I opened the library today hoping to find some more useful plugins. Turns out EVERY single plugin displayed is fake and likely malicious.
Some ways this issue could be resolved include, only featuring plugins that have been on the marketplace for over a couple of months preventing fake plugins from ending up on the front page, another way this can be resolved is if creating groups named after a user were prohibited. For example, if someone wanted to make a group including my name they would not be able to, only the user with that username could. There could also be a verification badge displayed next to real plugins that would easily help differentiate fakes.
If Roblox were to address this issue, this would not only help developers from knowing their plugins are safe but also help developers and average users to be able to easily find assets and resources they need without having to worry about them being malicious.