Before I begin let me state that this is all within OSRS
only.
It certainly isn't from the client alone. I've had a few accounts banned while botting in the browser, just recently actually. One (my treasured main account) was banned while crafting nature runes in the Abyss. Later an account I had auto-fighting in the Security Stronghold and got trapped in a gate, continuing to try to attack an NPC. I noticed it within minutes and fixed it in the script but it was already too late; permanent ban. Later I made a pure fishing account and like the previous account, no trading was done. I sped up to upper 70's within days (via fly-fishing and simulated mousekey dropping) and was permanently banned as well.
I had never seen a PMod in-game with the two latter accounts. The bans weren't manual and no one had used SMART. Now the two accounts I have now (that are also built through private scripts) are still safe and have never been caught. They've also never had any glitches like the account stuck between gates or are not gaining an exceptionally fast amount of XP as my fishing account. Using what I've witnessed personally I can determine:
- The bans aren't directly caused by 3rd party client such as SMART
- Simba itself also didn't seem to directly trigger any bans
- High profit-generating areas/methods seem to be under the microscope
- Too fast of a gain in XP or items might also be a red flag
- Script flaws, even small ones for a short time, could quickly flag your account
- No evidence of chain bans based on IP addresses