linjector-luau-script-ide

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 1.00). The GitHub repo is an unknown user’s fork that provides Windows DLL-injection/executor tooling (a common malware/cheat vector) and the short ara.so domain is not a recognized official vendor—together they look like an untrusted distribution/source for potentially malicious executables or payloads.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). The code intentionally implements DLL injection (OpenProcess/VirtualAllocEx/WriteProcessMemory/CreateRemoteThread with LoadLibraryA) and an IPC execution channel (named pipe) to run arbitrary scripts inside another process, which is a deliberate remote code-execution/backdoor capability and therefore high-risk for abuse; there is no obvious network exfiltration or credential theft in the shown code, but the injection + named-pipe execution pattern enables malicious control of target processes.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt contains explicit code and instructions to perform DLL injection into other processes (OpenProcess/VirtualAllocEx/WriteProcessMemory/CreateRemoteThread), modify registry settings, and advises running as Administrator — all actions that change system state and can bypass protections.