hayhooks

The server's core functionality allows deploying and executing user-provided Python code (e.g., `pipeline_wrapper.py`) via API endpoints. This introduces a significant Remote Code Execution (RCE) risk if deployment endpoints are not strictly secured by external access control mechanisms. The default CORS settings are overly permissive (`*`) for production environments, and the server does not include built-in authentication, requiring external layers for security. While `show_tracebacks` is false by default, preventing some information leakage, the potential for arbitrary code execution mandates careful deployment in trusted environments only.