All Inno had to do was check whether each mouse click was trusted or not. Instead they go for weirdest solution. it was probably the most cheap to implement...since they did not have to change the source code.Probably. Punish many for the actions of few or whatever.
Innogames. Add mouse clicks and button taps to an array, compare it to requests from the server, you solved all your injected script problems.
Externally, there are ways to catching mouse click simulators or reauests sent through cmd. Learn thm.
The game already sends a request to get a morale factor once you press on a village...why not track whether that click happens, aand whether that event is trusted...just carry Event.isTrusted from mouse click to the actual request...no all requests no matter scripted or not register as trusted because the source code...midly speaking never took scripting into account.