With security I dont mean password or addon informations.
Your site delivers a file that will be opened and placed in a "predictable" path.
So if someone manages to break into your site or injects malicious code this could offer possibilities for an attack. Unlikely, I know ... but worth mentioning I thought