I still don't see how someone would write a rootkit within the flash dev environment, although I can see how they could embed a rootkit within a .swf, and if that's the case, as long as you have a firewall monitoring outgoing connections, it'll be picked up.