1.3.6 Security Caveats

At present, teams only provide trusted multi-tenancy. This means it should be used for cases where you know and trust who you're allowing access into your Concourse cluster.

There are a few reasons it'd be a bad idea to do otherwise:

Any team can run builds with task step privileged tasks. A bad actor in the mix could easily use this to harm your workers and your cluster. You can lock down privileged mode if you use the containerd runtime and avoid this issue all together.
There are no networking restrictions in place, and traffic to and from the worker's Garden and Baggageclaim endpoints is currently unencrypted and unauthorized. Anyone could run a task that does horrible things to your worker's containers, possibly stealing sensitive information.
This can be remedied with configuration specified on Garden to restrict access to the internal network, but this is not detailed in our docs, and we'll probably want to find a better answer than configuration in the future.
You could put firewall rules in place between workers to mitigate this issue as well.

1.1	Getting Started
1.2	Install
1.3	Auth & Teams
1.4	The `fly` CLI
1.5	Config Basics
1.6	Pipelines
1.7	Vars
1.8	Resources
1.9	Resource Types
1.10	Jobs
1.11	Steps
1.12	Tasks
1.13	Builds
1.14	How-To Guides
1.15	Operation
1.16	Observation
1.17	Internals