My intuition tells me that the file path that jellyfin “sees” would be the security risk.

Your intuition is correct. JF will generate the MD5 hash based on the path that it’s accessing with. So if it’s normally a unique path then you mount it into the docker container as /movies/ or /mnt/movies or what have you… Then you lost the uniqueness, all that’s seen is the internal docker path. This is why I also lumped “using docker” into the party side by side with “using *arr stack”. Most people will find a compose file and just modify the left side of the volume declaration to point at their media. And most dockers are going to have simple internal mounts in their example compose files.

Both Arr and Docker will end up pushing people to standardize the path, then the filename. Using both together compounds the issue and they tend to standardize different parts of the path.