From 2dbce769f08343bcc866a6d03b848cca2a1c8505 Mon Sep 17 00:00:00 2001 From: Lartsch Date: Tue, 20 Dec 2022 23:29:44 +0100 Subject: [PATCH] Update README.md --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 5677215..6deb2d4 100644 --- a/README.md +++ b/README.md @@ -80,7 +80,8 @@ Currently not in a reliable way, but: Feel free to create an issue here on GitHub and I will look into it. -**Is this safe to use?** +**Is this safe to use?** + This project is open source. Anyone with some programming knowledge can check out the source code, either here on GitHub or by extracting the addon file from the addon stores. Considering the implementation, I am not aware of any risks. Efforts were made to prevent servers from abusing this addon to perform actions on the user's behalf. It does not require your username or password. All data is stored in your browser locally. The only sensitive data it stores is your API token. This token is **only** sent to your home server. No other data ever leaves your device. As far as I know, external servers cannot access the requests made by FediAct and can therefore not gain your token.