Only the latest version of the scripts in the main branch is actively maintained and receives security-related updates.
| Version | Supported |
|---|---|
Latest (main) |
✅ Yes |
| Older commits | ❌ No |
These scripts run inside the ComputerCraft / CC:Tweaked Lua sandbox within Minecraft. They are designed to:
- Read and write local files on the in-game computer (
fsAPI) - Access peripheral devices connected via Wired Modems
- Make outbound HTTP requests to raw.githubusercontent.com (installer only)
Out of scope: These scripts have no access to your real file system, operating system, network credentials, or any data outside the Minecraft / CC:Tweaked sandbox.
If you discover a security issue — such as:
- The installer downloading from an unexpected or unverified source
- A script that could unintentionally overwrite or delete files on the CC computer
- Any behavior that could be exploited to cause unintended side effects
Please do not open a public GitHub Issue for security-sensitive reports.
Instead, contact the maintainer directly:
- GitHub: @Zonk1987 — open a private Security Advisory
You can expect an acknowledgement within 72 hours and a fix or response within 14 days depending on severity.
- Always review scripts before downloading and running them.
- The installer (
install.lua) only fetches files from this repository viaraw.githubusercontent.com. No other domains are contacted. - HTTP access in CC:Tweaked can be restricted per-server in
computercraft-common.tomlif needed.