From 9b0da1f892fe60429b7f72cb1239a0859d68f561 Mon Sep 17 00:00:00 2001
From: Ola Hungerford <olahungerford@gmail.com>
Date: Sun, 23 Mar 2025 08:19:52 -0700
Subject: [PATCH] Add note on security considerations for proxy server

---
 README.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/README.md b/README.md
index a6ab6d4..4eb2467 100644
--- a/README.md
+++ b/README.md
@@ -42,6 +42,10 @@ For more details on ways to use the inspector, see the [Inspector section of the
 
 The inspector supports bearer token authentication for SSE connections. Enter your token in the UI when connecting to an MCP server, and it will be sent in the Authorization header.
 
+### Security Considerations
+
+The MCP Inspector includes a proxy server that can run and communicate with local MCP processes.  The proxy server should not be exposed to untrusted networks as it has permissions to spawn local processes and can connect to any specified MCP server.
+
 ### From this repository
 
 If you're working on the inspector itself: