Skip to main content

Why These APIs Are Blocked

Crafty runs creator-submitted code on shared infrastructure. To protect platform security and stability, submission blocks patterns that enable:
  • shell/process execution,
  • uncontrolled filesystem/network access,
  • runtime reflection/eval bypasses,
  • loading or embedding unsafe native/binary resources.

Important: Scanner Is Pattern-Based

If a blocked pattern appears in submitted source, upload fails, even when:
  • it is in an editor/debug branch,
  • it is inside dead code,
  • it is conditionally executed.

Full Blocked Pattern List

Reserved Paths (Blocked In .pck)

Packs are rejected if they include infrastructure paths, including:
  • res://sdk/
  • res://core/
  • res://server/
  • res://client/
  • res://official_games/
  • res://bootstrap.gd, res://bootstrap.tscn
  • res://project.godot
  • res://crafty.cfg
  • res://export_presets.cfg
  • res://test_runner.gd, res://test_runner.tscn

Blocked Native/Binary Resource Extensions

Packs are also rejected if they include:
  • .gdextension
  • .so
  • .dll
  • .dylib
  • .framework
  • .res

Practical Guidance For AI-Generated Code

When generating code from prompts:
  1. Never generate “debug fallback” branches with blocked APIs.
  2. Prefer SDK primitives (Crafty.data, Crafty.economy, score/teams/sync helpers).
  3. Keep all file/network/process interactions out of creator game scripts.
  4. Use explicit method calls instead of reflective invocation helpers.