The toolbox once used to be mostly free of “viruses” because no-one had thought of adding them. It was always possible, before Filtering Enabled, require etc., you could still hide an admin script somewhere. But no-one thought or knew to do it.
One day, someone created the infamous Spreading Fire script. It was a script in a Fire particle effect that spread itself to any parts it touched, the way fire does. It did not destroy any parts and could spread to anchored parts.
Then, someone clueless made the Fire invisible to disable it, instead of deleting it. This made it spread invisibly, without any tangible reason to remove or disable it.
Build Mode was a thing back then, you would enter a game with a character and Studio tools, all scripts were live and you could Publish your place as-is and upload models. People would build something, accidentally contaminate it with the invisible fire (by stepping on it with their burning character) and then proudly upload their new creation to the Toolbox, where others would take it, spread the fire to their own place etc.
This was completely novel at the time, just like the Morris worm was in 1988. All the other viruses - Vaccine, dââââââââng you got owned, Anti-Lag, 4D Being etc. were inspired, directly or indirectly, by this fire script. These would put themselves in a Motor6D or Geometry inside every part so they would be invisible from the Explorer. They are the reason why nothing is invisible in Explorer now (except for most services)
(The Roblox response to this was to blank any scripts that exactly matched any of the viruses. At least that’s what it seemed to be - I’ve opened quite a few scripts named “Vaccine” that were completely empty and useless.)
For a while, all the scripts did was spread. There was no particular target in mind, it was just funny for the creators of them to see how many n00bs were uploading infected models. Nobody even made an admin commands script spread itself!
Then someone was inspired to make the virus scripts clear Data Persistency, create popup GUIs, teleport players, give admin commands, cause seizures etc. and it stopped being just for fun.
From this point forward, the toolbox was unsafe to use.
I have to stress that outright malicious viruses are an invention. Before someone came up with it, it was not done, and after that, it was done very often.
The latest innovation is botting the library with infected copies and intentionally misleading people to download the virus, instead of just letting the virus go loose somewhere.
I just wanted to say that the Toolbox exists because it is useful, and once was even fully safe.
The Toolbox is for extremely easily getting an asset for your game, such as a tree that’s nicer than anything you can make or a gun that would take you several hours to make, instantly and with no fuss. It aligns with the ideal of letting you Just Make Things.
The viruses wouldn’t go away if the Toolbox didn’t exist; people would download viruses from elsewhere.