diff --git a/docs/images/docker-brave.md b/docs/images/docker-brave.md
index 8e82efe777..42b1621f0e 100644
--- a/docs/images/docker-brave.md
+++ b/docs/images/docker-brave.md
@@ -41,6 +41,14 @@ The application can be accessed at:
 
 * https://yourhost:3001/
 
+
+### Security
+
+>[!WARNING]
+>Do not put this on the Internet if you do not know what you are doing.
+
+By default this container has no authentication and the optional environment variables `CUSTOM_USER` and `PASSWORD` to enable basic http auth via the embedded NGINX server should only be used to locally secure the container from unwanted access on a local network. If exposing this to the Internet we recommend putting it behind a reverse proxy, such as [SWAG](https://github.com/linuxserver/docker-swag), and ensuring a secure authentication solution is in place. From the web interface a terminal can be launched and it is configured for passwordless sudo, so anyone with access to it can install and run whatever they want along with probing your local network.
+
 ### Strict reverse proxies
 
 This image uses a self-signed certificate by default. This naturally means the scheme is `https`.