you run the mercurial incoming command, and shows a message if a
+Security Implications of Using this Extension
+Although the extension has been designed to be as safe as possible,
+enabling and configuring this extension has security implications.
+The extension is secure by default, because in order to start
+receiving and updating your ``.hg/projrc`` files you must first
+whitelist the servers to transfer the file from and which settings
+However you must be careful when including settings from untrusted
+sources because some mercurial settings allow a malicious user to
+configure mercurial to execute arbitrary code on your machine or
+change your local mercurial configuration.
+This means that you should only add servers you trust to your
+server list, and only include those settings that are strictly
+necessary. If you are a system administrator of a central repo that
+is meant to distribute a projrc file you should be extra careful
+to ensure that nobody modifies the projrc file without your