Originally Posted by KrazyKat
What sorts of backdoors are generally possible to implement in a plugin that could harm a server? I have a similar issue and was genuinely interested in knowing what a developer can do to servers by releasing an amxx file that looks appealing to people but does shady stuff behind your back.
Anything that a plugin is a capable of doing or can be done via RCON access. Generally, you can create, modify, and delete files (including installing other plugins).