diff --git a/soroban-spec-rust/src/lib.rs b/soroban-spec-rust/src/lib.rs
index 536e4062a..1d72a43ed 100644
--- a/soroban-spec-rust/src/lib.rs
+++ b/soroban-spec-rust/src/lib.rs
@@ -14,6 +14,11 @@ use soroban_spec::read::{from_wasm, FromWasmError};
 
 use types::{generate_enum, generate_error_enum, generate_event, generate_struct, generate_union};
 
+// IMPORTANT: The "docs" fields of spec entries are not output in Rust token
+// streams as rustdocs, because rustdocs can contain Rust code, and that code
+// will be executed. Generated code may be generated from untrusted Wasm
+// containing untrusted spec docs.
+
 #[derive(thiserror::Error, Debug)]
 pub enum GenerateFromFileError {
     #[error("reading file: {0}")]
diff --git a/soroban-spec-rust/src/trait.rs b/soroban-spec-rust/src/trait.rs
index c65993d37..dad73e25a 100644
--- a/soroban-spec-rust/src/trait.rs
+++ b/soroban-spec-rust/src/trait.rs
@@ -5,6 +5,11 @@ use stellar_xdr::ScSpecFunctionV0;
 
 use super::types::generate_type_ident;
 
+// IMPORTANT: The "docs" fields of spec entries are not output in Rust token
+// streams as rustdocs, because rustdocs can contain Rust code, and that code
+// will be executed. Generated code may be generated from untrusted Wasm
+// containing untrusted spec docs.
+
 /// Constructs a token stream containing a single trait that has a function for
 /// every function spec.
 pub fn generate_trait(name: &str, specs: &[&ScSpecFunctionV0]) -> TokenStream {
diff --git a/soroban-spec-rust/src/types.rs b/soroban-spec-rust/src/types.rs
index 8ce65eacc..7ad6959c2 100644
--- a/soroban-spec-rust/src/types.rs
+++ b/soroban-spec-rust/src/types.rs
@@ -8,8 +8,9 @@ use stellar_xdr::{
 };
 
 // IMPORTANT: The "docs" fields of spec entries are not output in Rust token
-// streams as rustdocs, because rustdocs are evaluated and execute code by
-// default in Rust projects.
+// streams as rustdocs, because rustdocs can contain Rust code, and that code
+// will be executed. Generated code may be generated from untrusted Wasm
+// containing untrusted spec docs.
 
 // TODO: Replace the unwrap()s in this code with returning Result.
 // TODO: Create Idents in a way that we can get a Result back and return it too