Great point, thanks. Just updated the site – removed "untrusted" and "secure", added a note clarifying the threat model