Document security implications of pipe: URL scheme

Added comprehensive documentation to the pipe_download function explaining
the security implications of using the pipe: URL scheme. This clarifies that:
- The feature intentionally executes shell commands
- Commands run with the permissions of the Python process
- Usage should be limited to trusted environments
- Untrusted sources could lead to arbitrary code execution

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

Author: tmbnv

src/wids/wids_dl.py

@@ -39,7 +39,20 @@ def __exit__(self, exc_type, exc_val, exc_tb):
 
 
 def pipe_download(remote, local):
-    """Perform a download for a pipe: url."""
+    """Perform a download for a pipe: url.
+    
+    Security note: The pipe: URL scheme intentionally executes shell commands.
+    This is a powerful feature that allows for custom data processing pipelines,
+    but carries inherent security risks:
+    
+    1. Commands are executed with shell=True, which interprets shell metacharacters
+    2. No sandboxing or limitations are applied to the commands
+    3. Commands have the same permissions as the Python process
+    
+    This functionality should only be used in trusted environments where the URL
+    sources are controlled and validated. Using pipe: URLs from untrusted sources
+    could lead to arbitrary code execution.
+    """
     if not remote.startswith("pipe:"):
         raise ValueError(f"Invalid pipe URL: {remote}")
     cmd = remote[5:]