From 9be8debc31f81fff6808eb1ba01ea9b0d8b90118 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Sat, 22 Nov 2025 08:25:54 +0000
Subject: [PATCH 1/2] Initial plan


From 71f6295ef86d5e4e9ce4b7b4def83660c6ea0218 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Sat, 22 Nov 2025 08:28:06 +0000
Subject: [PATCH 2/2] Add security disclaimer to README.md

Co-authored-by: pkrusche <1199561+pkrusche@users.noreply.github.com>
---
 README.md | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/README.md b/README.md
index a8e7b5d..5529ba2 100644
--- a/README.md
+++ b/README.md
@@ -4,6 +4,14 @@
 
 `replr` provides a robust system for executing R code in isolated worker processes, offering complete separation between the main R session and code execution environments. Useful for applications that need to run untrusted or potentially problematic R code without affecting the parent process.
 
+## ⚠️ Security Disclaimer
+
+**IMPORTANT:** While `replr` provides various isolation mechanisms (process isolation, Docker containers, Firejail sandboxes, macOS sandboxes) to help contain untrusted code execution, **no security solution is 100% foolproof**. These isolation methods can reduce risk but cannot guarantee complete protection against all attack vectors.
+
+**You are solely responsible for any consequences of running malicious or untrusted code.** The maintainers of this package accept no liability for damages, data loss, security breaches, or other issues arising from the execution of code in isolated environments.
+
+Always exercise caution when executing untrusted code, even in isolated environments. Consider additional security measures appropriate for your use case and threat model.
+
 ## Installation
 
 You can install the development version of replr like this: