Well you also have to ask yourself if its worth sticking a virus or something else in a script that goes to a bunch of Poser users. I mean this is a rather small selection of people. Python is used in industry and any attack would be through that area, not some script here. As was stated above, if you get a script that you don't trust, don't use it. For example, I posted Morph Manager but no one to date as asked whether it contains a virus. Also, once someone gets clobbered I'm sure they will quickly post a notification that either the script didn't work or destroyed data. When I used publically posted scripts in the past I'd either wait for a settle down period of a bout a week or two or I'd run RExec on it or just puruse the source script. Never accept a compiled script file if its not from a trusted source. As for the RExec, Python gives the user file IO capabilities as well as other links into the host machine. RExec basically accepts calls to these file io functions but won't act on them and logs actions instead. It provides a false front to the script. You can customize how restrictive the execution environment can be. Again, Python has been used in industry for years. Using scripts can be dangerous but using common sense will avoid a lot of headaches.