When a user clicks a button (e.g., "Kill All"), the script sends unauthorized instructions to the server. If the game lacks "Filtering Enabled" protections or has "Remote Vulnerabilities," the server obeys the command. The Risks Involved
Never trust the client. Always validate instructions on the server side.
The GUI script is loaded into the game environment.