How vulnerable is a function created on the server that is tied to a Humanoid.Died Connection?

I’ve managed to create a system in my game which allows for each Player’s character to respawn with certain specifications including a Folder containing the necessary GUIs of the game every time their humanoid has detected a death using Humanoid.Died:Connect()

Not that it’s a technical issue (Because the system loads data seamlessly and doesn’t glitch out even remotely so far) , but assuming it’s less effective method of fetching personal data (In terms of security against exploiters),

Are security caveats opened at all to server content if a *Humanoid.Died:Connect() Connection fetches assets from ServerStorage or ServerScriptService?

Important points -
Inside of the Humanoid.Died:Connect() Connection, my Server function, ReloadAssets(Player)--I have experimented sending non-player references and they have worked so far in terms of being blocked

is called, (Because it was created on the server),
The Humanoid.Died:Connect() Connection is created by the server via a Player.CharacterAdded:Connect(function()) which is then inside of a game.Players.PlayerAdded:Connect() Connection

I know that the client can change anything that is inside or even involved with the Client including Remotes (In this case, I’m not using remotes), but would the client be able to change any properties of the Server Function that’s passed when their Humanoid Dies?

Just asking this (with O.C.D to exploit checks) to ensure that even if the Client could change certain properties, it wouldn’t affect other player’s Data or Core assets that the Server scripts clone to players when they spawn or respawn and/or just ruin their own ability to play the game rendering the attempted exploit moot.

(Forgot to add this to important points) -
I needed to state that I am not using or going to involve StarterGui, StarterCharacter, StarterPlayer as the way characters spawn in this game is Highly exclusive and those services handle all players.

No need to answer this question anymore - I found my own solution to this. :smiley:

To avoid “solved it nevermind” endings for someone who may have the same question in the future: if your code is in a server script (such as is said in OP), it doesn’t matter what it makes a connection to because the connection will only be accessible on the server.