From f0bdf34e6a05c48de0be6f069fb981c5f4dbb9af Mon Sep 17 00:00:00 2001
From: Jack Kingsman <jack.kingsman@gmail.com>
Date: Sat, 7 Feb 2026 21:06:03 -0800
Subject: [PATCH] Strengthen README warning about getting pwnd

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index e9c7fa4..4166e8f 100644
--- a/README.md
+++ b/README.md
@@ -8,7 +8,7 @@ Backend server + browser interface for MeshCore mesh radio networks. Attach your
 * Access your radio remotely over your network or VPN
 * Brute force hashtag room names for GroupTexts you don't have keys for yet
 
-**Warning:** This app has no authentication. Run it on a private network only -- do not expose to the internet unless you want strangers sending traffic as you.
+**Warning:** This app has no auth, and is for trusted environments only. _Do not put this on an untrusted network, or open it to the public._ The bots can execute arbitrary Python code which means anyone on your network can, too. If you need access control, consider using a reverse proxy like Nginx, or extending FastAPI.
 
 ![Screenshot of the application's web interface](screenshot.png)