I have a tendency to screw up my computer by downloading, adding, modifying, etc. I'm sure for many of you that seems normal but in my case- I don't always know what I'm doing.
When I found this page I just about peed my pants! All the choices....

How do you pick just a few? How do you know it's safe? (had this problem a few times)

I have a new computer. First time Mac user.

Any ideas, advice, or link to a help page is appreciated.

Thank you.

Macs are for people who have no idea about Computers, so it should be perfect for you.

And the worst thing that could happen by using Greasemonkey or a userscript would be that someone stole your password.

Ah huh. And how do I avoid that?

Anyone else? Comments? (See earlier post)

The vast majority of scripts on this site are safe. If you're unsure, a quick test would be to see how long the script's author has been a member here. Anything over a month or two is likely safe; it's highly unusual for malicious users to create an account then wait; they typically create an account, use it, and never touch it again.

As for downloading stuff, you should just generally be careful and make sure you know and trust who you're downloading from.

-Joel

You should probably take a look at the number of people using the script and be sure to read comments and see what other people thought about the script. By looking at the dates of the comments and the date that the script was last updated you may also be able to get an idea of how long the script has been around (older might mean better).

Also, when installing a script you should see a list of the sites that the script will run on. Make sure it is only set to run on the sites it's supposed to run on. (If it's just a * that means it will run on all sites)

If you eventually learn Javascript you could take a look at the code before installing, but honestly I don't think I've ever done that even though I know Javascript well enough to submit my own scripts. I just try to look at the stuff I mentioned above, and I don't install too many scripts either.

I think you really want to know if JavaScript is safe or potentially harmful. Greasemonkey User Scripts are hardly any more harmful than JavaScript code that is included on the sites you visit.

JavaScript runs in the browser. when you close the browser that stops the script. Mozilla developers try very hard to make sure that JavaScript can't do anything harmful or breach any security. It can't read files on your computer, run applications or steal information. And yet it allows web developers to modify web pages and automate actions based on what you click on (and other things like cookies, or where you are located or what browser you are using). Trust relies on the information you supply to the site, and to the reputation of the site.

Greasemonkey extends that trust to the developer of the user script. The Greasemonkey developers work on improving the security and stability of Greasemonkey, much like any other extension, so that nothing "bad" can happen. You still have to have some trust in the random user script writer.

Trusting a user script writer is not too hard, as mentioned above by Vaughan Chan... read a few comments and look at other scripts and comments by the Scriptwright. There are people here looking out for malicious scripts, and hopefully we catch it or comment on it. Poorly written JavaScript code can cause minor problems like a browser lockup, where you might have to close the browser or just open another page.

Greasemonkey can be disabled, and the next page you load won't be running any user scripts. Just click on the Greasemonkey icon or uncheck Enabled from the menu. If you provide private information to a site, any user script running on that site can pass that information to some other site without you knowing. That is the reason for the warnings here, and why I say that Trust extends to the user script writer. In this case you can turn off Greasemonkey or exclude scripts from running on sites that you share private information with.

PS: I want to explain what I mean by "site", because I believe that few people understand what that is. I am referring to the Domain above that you see in the location bar. Here it is http://userscripts.org/forums/2/topics/1645, and the domain is userscripts.org.
The domain is read backwards, starting at the first single forward slash, mostly the "big word" before the last (or second-last) period. This cannot, without some serious internal mucking around, be forged, because it is "owned".

So http://www.userscripts.org/, http://userscripts.org/, http://what.ever.userscripts.org/, are all owned by the same person (if it exists).

This is not true for other domains that might look the same, like http://userscripts.info/, http://userscripts.org.gotscript.com/, or http://getscript.net/userscripts.org/foolyou.page, which are all apparently trying to fool you. Though http://userscripts.info/ could be this site but I've never checked.
The trick is to not get fooled into giving information to the wrong person.

It doesn't.