It’s possible for any exploiter to save anything that they can see (be it your models, localscripts, or guis). There is nothing you can do about this. What is safe are your server scripts, anything within ServerStorage/ServerScriptService, and anything else the client hasn’t loaded yet.
You shouldn’t really worry about people saving your game. If they reupload your assets then you can DMCA them like suggested above.
Now I’m thinking, and if the exploiters delete the LocalScript of AntiExploiter before they active the real exploiter?
It’s very difficult to make that, because the exploiter don’t know the LocalScript path (if uses a old exploiter, the news made it easy) but you can add a local script that check if the original local script was deleted and kick him.
And if they delete the local script that detect if the original was deleted, is only put in the original local script to detect if the other local script got deleted.
That way is near impossible to they hack using old exploits