ENGDOCS-3240 (#24830)

<!--Delete sections as needed -->

## Description

<!-- Tell us what you did and why -->

## Related issues or tickets

<!-- Related issues, pull requests, or Jira tickets -->

## Reviews

<!-- Notes for reviewers here -->
<!-- List applicable reviews (optionally @tag reviewers) -->

- [ ] Technical review
- [ ] Editorial review
- [ ] Product review

Author: aevesdocker

content/manuals/extensions/_index.md

@@ -23,6 +23,10 @@ Anyone can use Docker Extensions and there is no limit to the number of extensio
 There is a mix of partner and community-built extensions and Docker-built extensions.
 You can explore the list of available extensions in [Docker Hub](https://hub.docker.com/search?q=&type=extension) or in the Extensions Marketplace within Docker Desktop.
 
-To find out more about Docker Extensions, we recommend the video walkthrough from DockerCon 2022:
+## Security and trust
 
-<iframe width="750" height="315" src="https://www.youtube.com/embed/3rAGXS8pszQ" title="YouTube video player" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe>
+Docker Extensions run with elevated privileges on your host machine. They have direct access to the Docker Engine, can read and write files on your filesystem, and can install and run native binaries. 
+
+Docker reviews extensions submitted to the Marketplace, but does not guarantee the security of any extension. Extensions installed outside the Marketplace have not been reviewed at all. Only install extensions from publishers you trust. 
+
+If you're an organization admin, see [Configure a private marketplace](private-marketplace.md) to control which extensions your team can install.

content/manuals/extensions/marketplace.md

@@ -16,6 +16,10 @@ and quality. They appear as **Reviewed** in the Marketplace.
 
 Self-published extensions are autonomously published by extension developers and go through an automated validation process. They appear as **Not reviewed** in the Marketplace.
 
+> [!IMPORTANT]
+>
+> Marketplace extensions are reviewed by Docker, but are not subject to a full security audit. Extensions run with host-level privileges. They can install binaries, access Docker Engine, invoke commands, and access files on your machine. Only install extensions from publishers you trust.
+
 ## Install an extension
 
 > [!NOTE]

content/manuals/extensions/non-marketplace.md

@@ -11,8 +11,7 @@ aliases:
 
 > [!WARNING]
 >
-> Docker Extensions that are not in the Marketplace haven't gone through Docker's review process.
-> Extensions can install binaries, invoke commands and access files on your machine. Installing them is at your own risk.
+> Extensions installed outside the Marketplace have not gone through Docker's review process. Like all Docker extensions, they run with host-level privileges. They can install binaries, access Docker Engine, invoke commands, and access files on your machine. Install only if you trust the publisher and have verified the source.
 
 The Extensions Marketplace is the trusted and official place to install extensions from within Docker Desktop. These extensions have gone through a review process by Docker. However, other extensions can also be installed in Docker Desktop if you trust the extension author.