So you want to get some amazing SiteJS scripts. One person says they wrote a super small script that can add admin features. He shows you a screenshot of the admin area, and you ask for the script, thinking it's real. However, most likely, you just got a scam script.
What are scam scripts?
Scam scripts are scripts from people that say they do something other then they really do. Usually, this will probably be malicious, with the possibility of stealing your browser cookie!
You might be thinking, "What bad is having my cookie?" The answer is, pretty catastrophic. Your cookie tells SBS who you are.
People with your cookie can pretend they're you to the server, and that's not good, because now they can find out info about you, or get you banned!
How can I protect myself against scam scripts?
Quite simply, look through the script first. If you see any references to document.cookie, DON'T USE IT!!!
If it causes malicious behavior, like blanking out pages, go to http://smilebasicsource.com/editor?nositeJS=1&type=site to access your siteJS editor and remove it.
If you randomly "log out", but you keep your theme, OR you're able to join chat, remove the code immediately!
Finally, if it's obfuscated, don't use it. There really is no need for obfuscated scripts unless you're selling scripts, or making a malicious script. Usually, you can easily tell it's been obfuscated if it has a bunch of references to weird hex numbers, or is all on one line with no reason.
Don't forget to be critical. If you think something's too good to be true, it PROBABLY is. If you don't understand JS, ask someone who can to check the script for you, like me (BrokenR3C0RD). Don't use the script if they say it's malicious.