To summarize my question a bit more, I am looking for a way to find out when a third-party module is required, and what script it is required from. Do you guys have any ideas, and is there any service that does this? I am looking for this because of a backdooring issue.
Assuming the script isn’t obfuscated, you just have to find the asset ID of the module being required and stick it at the end of https://roblox.com/library/.
You could try using getfenv(2), it will return a table including the script instance of where the module was required from. But that only works if you can edit the module in some way.