Hacker News
EU's Exposed AI Infrastructure (insecurestack.substack.com)
2 points by perch56 69 days ago
1 comment

The write endpoint issue is the part that's consistently underreported. Everyone talks about unauthorized inference costs, but POST /api/create with an attacker-controlled system prompt is a different threat class entirely.

This is exactly why I run local inference bound to localhost only, no external exposure. MNN on a Snapdragon via Termux — the attack surface is zero if the port never leaves the device. Sovereign infrastructure isn't just about privacy, it's the simplest security posture available.
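
Added example, not part of the comment above: one way to check the "bound to localhost only" property is to parse `ss -ltn` output and flag any listener whose bind address is not loopback. The sample output, ports and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample of `ss -ltn` output (not captured from a real host).
SAMPLE_SS = """\
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN 0      128        127.0.0.1:8080       0.0.0.0:*
LISTEN 0      128          0.0.0.0:11434      0.0.0.0:*
LISTEN 0      128            [::1]:8080          [::]:*
LISTEN 0      128     192.168.1.20:9000       0.0.0.0:*
LISTEN 0      128    127.0.0.53%lo:53         0.0.0.0:*
LISTEN 0      128                *:7860             *:*
"""

def split_local(field):
    """Split 'addr:port' from ss into (addr, port), handling [v6] and %iface."""
    addr, _, port = field.rpartition(":")
    addr = addr.strip("[]").split("%", 1)[0]
    return addr, int(port)

def is_loopback_only(addr):
    """True only if the bind address is a loopback address."""
    if addr == "*":          # wildcard: every interface
        return False
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:       # unparseable address: fail closed, report it
        return False

def exposed_listeners(ss_output, ports=None):
    """Return (addr, port) pairs, sorted by port, for non-loopback listeners."""
    found = set()
    for line in ss_output.splitlines():
        cols = line.split()
        if len(cols) < 5 or cols[0] != "LISTEN":
            continue         # skips the header and non-listening sockets
        addr, port = split_local(cols[3])
        if ports is not None and port not in ports:
            continue
        if not is_loopback_only(addr):
            found.add((addr, port))
    return sorted(found, key=lambda p: (p[1], p[0]))

if __name__ == "__main__":
    for addr, port in exposed_listeners(SAMPLE_SS):
        print(f"exposed: {addr}:{port}")
```

The check looks only at the bind address, so a wildcard bind (`0.0.0.0`, `[::]`, `*`) is reported even when a firewall happens to block the port.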