diff --git a/xzre.c b/xzre.c
index 4f83d78..cb7470d 100644
--- a/xzre.c
+++ b/xzre.c
@@ -269,6 +269,9 @@ void main_shared(){
 		printf("sensitive_data.host_keys: %p\n", ssh_host_keys2);
 	}
 
+	int score = sshd_get_host_keys_score(ssh_host_keys1, &einfo, &strings);
+	printf("sshd_get_host_keys_score(): %d\n", score);
+
 	//xzre_backdoor_setup();
 	puts("main_shared(): OK");
 }
diff --git a/xzre.h b/xzre.h
index dbb2f5a..5022743 100644
--- a/xzre.h
+++ b/xzre.h
@@ -2245,6 +2245,62 @@ extern BOOL sshd_get_host_keys_address_via_krb5ccname(
 	void **host_keys_out,
 	elf_info_t *elf);
 
+/**
+ * @brief obtains a numeric score which indicates if `demote_sensitive_data`
+ * accesses @p host_keys or not
+ * 
+ * @param host_keys pointer to suspsected SSH host keys
+ * @param elf sshd elf instance
+ * @param refs info about resolved functions
+ * @return int a score of 3 if accessed, 0 otherwise
+ */
+extern int sshd_get_host_keys_score_in_demote_sensitive_data(
+	void *host_keys,
+	elf_info_t *elf,
+	string_references_t *refs);
+
+/**
+ * @brief obtains a numeric score which indicates if `main`
+ * accesses @p host_keys or not
+ * 
+ * @param host_keys pointer to suspsected SSH host keys
+ * @param elf sshd elf instance
+ * @param refs info about resolved functions
+ * @return int
+ */
+extern int sshd_get_host_keys_score_in_main(
+	void *host_keys,
+	elf_info_t *elf,
+	string_references_t *refs);
+
+/**
+ * @brief obtains a numeric score which indicates if `do_child`
+ * accesses @p host_keys or not
+ * 
+ * @param host_keys pointer to suspsected SSH host keys
+ * @param elf sshd elf instance
+ * @param refs info about resolved functions
+ * @return int
+ */
+extern int sshd_get_host_keys_score_in_do_child(
+	void *host_keys,
+	elf_info_t *elf,
+	string_references_t *refs);
+
+/**
+ * @brief obtains a numeric score which indicates if 
+ * accesses @p host_keys or not
+ * 
+ * @param host_keys pointer to suspsected SSH host keys
+ * @param elf sshd elf instance
+ * @param refs info about resolved functions
+ * @return int
+ */
+extern int sshd_get_host_keys_score(
+	void *host_keys,
+	elf_info_t *elf,
+	string_references_t *refs);
+
 /**
  * @brief counts the number of times the IFUNC resolver is called
  * 
diff --git a/xzre.lds.in b/xzre.lds.in
index 9c6796b..563499e 100644
--- a/xzre.lds.in
+++ b/xzre.lds.in
@@ -102,6 +102,10 @@ SECTIONS_BEGIN()
 	DEFSYM(find_link_map_l_audit_any_plt_bitmask, .text.lzma_index_iter_locata)
 	DEFSYM(sshd_get_host_keys_address_via_xcalloc, .text.lzma_bufcpa)
 	DEFSYM(sshd_get_host_keys_address_via_krb5ccname, .text.lzma_lzma_encoder_resea)
+	DEFSYM(sshd_get_host_keys_score_in_demote_sensitive_data, .text.lzma_delta_coder_inia)
+	DEFSYM(sshd_get_host_keys_score_in_main, .text.lzma_decoder_inia)
+	DEFSYM(sshd_get_host_keys_score_in_do_child, .text.lzma_check_finisa)
+	DEFSYM(sshd_get_host_keys_score, .text.lzma_lzma2_encoder_memusaga)
 SECTIONS_END(.text)
 
 SECTIONS_BEGIN()