Under the tag of WP:BOLD I took the liberty of copying the "Page security extension disclaimer" that is put on extension pages whenever an extension uses a legit hook like "usercan" .
While I get why the disclaimer is added, the words used in the disclaimer are certainly up for improvements.
It now states, whenever you need security, use another package, not MediaWiki. It also brands an extension using legit hooks to be a hack.
So I made a simple template "Page security extension disclaimer 2021" that still shares the sames bottomline message : "MediaWiki is not responsible for exposed content", but using words that are more appropriate.

I would like people to review the original disclaimer and the text I have used to come up with a suitable solution.