fix: address review feedback

mickael-docker · mickael-docker · commit a2a50e7d0db1 · 2026-06-17T15:51:04.000-04:00
diff --git a/content/manuals/ai/model-runner/_index.md b/content/manuals/ai/model-runner/_index.md
@@ -122,24 +122,20 @@ See [Configuration options](configuration.md) for details on context size and ot
 
 ## Security and isolation
 
-Depending on the inference engine and model format, loading a model can run
-code from the model's files. Pull and run only models you trust, from sources
-you trust, the same way you would any other software you run.
+### Execution environment
 
 Docker Model Runner isolates inference engines from your host:
 
 - On Linux, Docker Model Runner and its inference engines, such as Diffusers,
   run inside a container, which provides the isolation boundary.
 - On macOS and Windows, the engines don't run inside a container, so Docker
-  Model Runner runs them in a sandboxed environment instead.
+  Model Runner runs them in a sandboxed environment (seatbelt/sandbox-exec and Job Objects respectively)
 
-> [!WARNING]
->
-> The Model Runner API is not authenticated. Any client that can reach it,
-> including other containers on the same Docker network, can pull, load, and
-> run models, and send inference requests. Only enable host-side or TCP access
-> when you control the clients, and don't expose the Model Runner endpoint to
-> untrusted containers or networks.
+### Networking
+
+The Model Runner API is not authenticated. Any client that can reach it,
+including other containers on the same Docker network, can pull, load, and
+run models, and send inference requests.
 
 ## Known issues
 
