[gamepsys]

You are just kicking the can down the road. Then the tool would be the same random exe attack vector. Even then, if the tool is designed to run random game code then the gamecode is still an attack vector.

Trust in software is a huge issue, but that is a totally separate conversation.

[wakawaka28]

The difference is, you can audit the emulator once and verify that you have the correct original game binary. You can't audit unique binary files generated without code nearly the same way.