identifyexecutor

The executor registers a global C closureClosureA function value that captures its lexical environment. In Luau, closures come in two types: LClosure (Luau bytecode + Proto + upvalues) and CClosure (native C function pointer + upvalues). under the name identifyexecutor (and its aliases getexecutorname, whatexecutor) in the executor environment during injection. When called, it returns two hard-coded string constants — the executor name and build version — directly from native memory. No Roblox API calls are made.

At the bytecodeBytecodeThe compiled binary representation of Luau source code. A sequence of 32-bit instructions (opcodes + operands) stored in a Proto's code[] array. Executed by the Luau VM interpreter. level, calling identifyexecutor() resolves via GETGLOBAL → CALL. The VM dispatches into a C closureClosureA function value that captures its lexical environment. In Luau, closures come in two types: LClosure (Luau bytecode + Proto + upvalues) and CClosure (native C function pointer + upvalues). (lua_CFunction) that pushes two strings onto the Luau stack. Because it is a C closure, debug.info(identifyexecutor, "s") returns "[C]".

Anti-cheat scripts frequently call this to detect executors. Advanced users hook it with hookfunction to return spoofed values:

• Return nil, nil to appear as vanilla Roblox
• Return another executor's name to bypass per-executor blocks
• Wrap with newcclosure so the hook itself appears as a C function