It is advised to grant items to the user through CloudScript rather than Client API calls. In my game I want to grant an item to the user when they win a match. I don't know much about security and I am afraid that even when I do this through CloudScript, the client still can be hacked and the hackers can execute the function granting the item through the ExecuteCloudScript request at any time.
What is the proper way to grant an item after some event in the game so that such a way cannot be exploited by hackers? I am working in Unity3D if that matters.