Update README.md

sydseter · web-flow · commit 3ec32eb9dee7 · 2025-12-15T22:52:47.000+01:00
diff --git a/copi.owasp.org/README.md b/copi.owasp.org/README.md
@@ -232,3 +232,8 @@ An attacker can continue to create an unlimited amount of games and players unti
 #### What can you do about it?
 
 We are working on minimizing the probability of functionality misue by implementing rate limiting on the creating of games and players (see: [issues/1877](https://github.com/OWASP/cornucopia/issues/1877)). Once that is taken care of, you should be able to configure these limits to prevent DoS attacks when hosting Copi yourself.
+
+### Did we do a good job?
+
+We welcome any input or improvments you might be willing to share with us regarding our current threat model.
+Arguably, we created the system before the threat modeling, and several improvements need to be made to properly balance the inherrant risks of compromise against the current security controls. For anyone choosing to host the game engine, please take this into account.
