Add a security note in the README

HyperPyYAML is powerful, perhaps slightly more powerful than users could imagine at first. Add a prominent note that explains this.
speechbrain · Jun 21, 2023 · c71c144 · c71c144
1 parent 1855d61
commit c71c144
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/README.md b/README.md
@@ -17,6 +17,12 @@ up python files for data analysis to just the bare algorithm.
 * [How to use HyperPyYAML](#how-to-use-hyperpyyaml)
 * [Conclusion](#conclusion)
 
+### Security note
+Loading HyperPyYAML allows arbitrary code execution. 
+This is a feature: HyperPyYAML allows you to construct *anything* and *everything*
+you need in your experiment.
+However, take care to verify any untrusted recipes' YAML files just as you would verify the Python code.
+
 YAML basics
 -----------