Thanks for your suggestions.
If you care about your server's security, it's much better not to put any of these folders under robots.txt, but to protect them on the server's level.
I suppose,
/lang/ should never be indexed anyway, 'cause any of the files it has, will provide an empty output (language packs do have just definitions, not the output of something). I think SE will not index an empty output, because there's nothing to index.
Also, I'm not sure if in any place of miniBB public sources you could find a reference to the /lang/ folder. It should not just appear in any of the public output HTML. Correct me if I'm wrong.
/img/ folder - you'd laugh, but it brings some traffic. I see few of users come to this forum just to see what the BOLD ICON or PICTURE ICON are about. Also as I know from my experience, many users prefer to use the same folder to keep extra images for the forum, like banners. I'd say it's a matter of taste if you disable this from robots or not. I think, it wouldn't secure anything significantly, but it may bring a little something.
/fonts/ folder comes only in a case if you have the
Captcha module installed. It should not appear in any of the public outputs as well by default, it's used only as the system folder. If you are afraid of stealing your sacred private fonts, then putting it on noindexing mode of robots is not the proper solution. Then you'd better set up another permissions for that folder, which would allow system PHP scripts to read from that, but no other scripts having public access to that.
Preventing displaying of the contents of the folder on the server's level would also cover all cases, incl. SE robots or public access. That means, if you'd open the folder directly, you'd see a 403 Error or something similar.
DirectoryIndex directive in Apache is responsive for that. This is used for all the folders you mention on miniBB forums; for templates, we've put another exclusion under .htaccess.
