@Codeberg One idea I have for preventing accidental fetches of malicious code would be to prevent access through the primary domain, and require the use of a seperate (sub)domain such as [caution.codeberg.org](caution.codeberg.org), or [codeberg-caution.org](codeberg-caution.org). Weither this is done throgh a seperate instance it is cloned to, or via special handeling in the forejo would be up to debate.