Spaced up a little bit so you can understand that it is indeed a backdoor
Here’s why :
The code is made very confusing on purpose
you have “require” and a “id”, means it is most likely a module loading up
for some reason, it also opens up MarketplaceService, which means he could sell any gamepasses into your game UNLESS you have this disabled (Workspace’s properties)
it leads to a “March 22 2019” Deleted asset, it’s probably safe to assume it’s a plugin https://www.roblox.com/library/2655056793/Content-Deleted
As a prevention to any backdoor, all you need to do is check codes that includes something such as require(id)
You shouldn’t be letting developers you don’t trust as much to your game as stated above, but also it might not end well if you accuse any of them for this and that might end up false. I’d suggest reviewing the sources and see if it’s a plugin.
That doesn’t prevent backdoors at all. You’re just changing the place in which you’re working at. Simple solution is just to check what you’re installing and verify its creator rather than taking it without a second thought behind it.
I think the idea is that if they do their work in another place, you can kind of scan through it while you’re moving it over. As well, the main game is usually much larger and thus easier to hide a backdoor script in.
When the additional developers are only building, it makes this a lot of sense to have that happening in a separate team create place from where the scripting is being done.
Free models and rogue plugins can both still be sources of backdoors. Plugins have access to more of the datamodel, and can execute code that affects your place file outside of Play runtime, so they are more dangerous overall and can hide things in your place. You have to carefully inspect every plugin you install and be very pro-active in protecting your main place file against remote developers whose plugin situations you cannot control.
if you do the maths, it indirectly gives 2655056793, which means the math result is the one loading,
it’s technically not converting letters into numbers,
but iGrU defined numbers, so logically, the id.