From 49af85ee70473179a500c6893be44b6363761c6f Mon Sep 17 00:00:00 2001 From: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> Date: Fri, 21 Nov 2025 15:13:39 +0000 Subject: [PATCH 1/2] Add security warning callout for access token exposure in Pyth Pro subscribe page Co-Authored-By: aditya@dourolabs.xyz --- pages/price-feeds/pro/subscribe-price-updates.mdx | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/pages/price-feeds/pro/subscribe-price-updates.mdx b/pages/price-feeds/pro/subscribe-price-updates.mdx index 8739ca17..69f731fc 100644 --- a/pages/price-feeds/pro/subscribe-price-updates.mdx +++ b/pages/price-feeds/pro/subscribe-price-updates.mdx @@ -32,6 +32,13 @@ Please fill out [this form](https://2fga8d.share-eu1.hsforms.com/2ftdPrASCTLCxtP Use the access token to authenticate the websocket connection by passing it as an `Authorization{:bash}` header with the value `Bearer {token}{:bash}`. + + **Security Warning**: Never expose your access token in frontend applications + or client-side code. Access tokens should only be used in secure backend + environments. Exposing tokens in frontend code makes them publicly accessible + and compromises your account security. + + ### 2. Configure subscription parameters Pyth Pro supports several request/subscription parameters to customize the received prices. From 344b29fc3b92a194009018406fd16f1e53adf00d Mon Sep 17 00:00:00 2001 From: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> Date: Fri, 21 Nov 2025 15:43:37 +0000 Subject: [PATCH 2/2] Update security warning to reference terms of service violation Co-Authored-By: aditya@dourolabs.xyz --- pages/price-feeds/pro/subscribe-price-updates.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pages/price-feeds/pro/subscribe-price-updates.mdx b/pages/price-feeds/pro/subscribe-price-updates.mdx index 69f731fc..ef99555f 100644 --- a/pages/price-feeds/pro/subscribe-price-updates.mdx 
+++ b/pages/price-feeds/pro/subscribe-price-updates.mdx @@ -36,7 +36,7 @@ Use the access token to authenticate the websocket connection by passing it as a **Security Warning**: Never expose your access token in frontend applications or client-side code. Access tokens should only be used in secure backend environments. Exposing tokens in frontend code makes them publicly accessible - and compromises your account security. + and is a violation of our terms of service. ### 2. Configure subscription parameters
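Review bot: In PATCH 1/2, the added **Security Warning** paragraph tells readers what not to do but gives no alternative and no recovery step. Since the preceding context line has the token sent as an `Authorization` header with the value `Bearer {token}`, consider adding one sentence that points frontend developers at the supported pattern (open the websocket from a backend service and relay prices to the client), and one sentence on what to do if a token has already been shipped in client-side code, such as who to contact to have it revoked and reissued. "Compromises your account security" would also be more useful if it named the concrete consequence, for example that anyone who loads the page can copy the token and use the subscription under your account.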
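Review bot: In PATCH 2/2, the replacement line `and is a violation of our terms of service.` removes the only security consequence the warning stated (`and compromises your account security.`), so a callout still titled **Security Warning** now gives only a contractual reason. Suggest keeping both clauses, for example "makes them publicly accessible, compromises your account security, and is a violation of our terms of service", and linking "terms of service" to the actual document so readers can check the clause being referenced.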