Please be aware that more than one mod author has recently added "malicious" or suspect code to their mods which may create comments or cause other Steam activity which you did not authorize. There is the well known example of a mod recently removed from the Workshop, but there have been several others more or less concurrent with that one, which haven't been noticed.

If you happen to see comments you did not post, or, find yourself having visited or liked mods you did not visit or try, then it's possible you have a mod on your mod list which has this kind of code. If this is the case, it's probably best to unsubscribe from such mods to avoid unauthorized outbound connections from your computer.

I became aware of this problem the other day when to my great surprise, I saw a "curl()" request fail due to OSX's generalized distrust of applications accessing the network without permission. The mod in question was removed, either by steam or the author shortly after. Curl is a perfectly normal tool, but shouldn't normally be used by mods without the player being aware of this fact.

My personal feelings are that adding a post, like or favorite especially in a player's name without consent in advance, is a breach of the contract which is understood to exist between a conceptor, developer, and the player/user.

I bring this matter to your attention because if mod authors are allowed to behave like this by their community, the result is will be a distrust of mods, which ultimately will lead to restrictions on what we can or can't implement in our creations for the player, or, direct curation of what material RimWorld players can use from the Workshop.

NB: Do not see source code for the mod as an indication that its functionality is transparent, and reflected by the source code included by the developer. :(

Decompiling two mods revealed other code sections not present in the source, including in one case creation of a method from bits and pieces of other code (IL which was "borrowing" text segments to create methods appearing nowhere in the source code.)

This is a typical malicious code technique, unfortunately.