diff --git a/specs/jsonschema-core.md b/specs/jsonschema-core.md
index 3154ae5e..1b1b3de9 100644
--- a/specs/jsonschema-core.md
+++ b/specs/jsonschema-core.md
@@ -1990,6 +1990,12 @@ A malicious schema author could place executable code or other dangerous
 material within a `$comment`. Implementations MUST NOT parse or otherwise take
 action based on `$comment` contents.
 
+When encountering an IRI that also represents a valid file system or network
+location, implementations are discouraged from automatically making an operation to
+access that location. Schema authors should take care when configuring
+implementations to operate over a file system or network as this could expose
+the host system.
+
 ## IANA Considerations
 
 ### `application/schema+json`