Its always good to make sure that the OpenMRS platform is safe from security threats and attacks.
Download OpenMRS, and install it on your local machine. Next, use your hacking skills to identify wether you can break in, or steal data. Identify and report at least one security limitation.
Ideas: Try your hand at the webservices and FHIR modules. These modules expose alternate API's to the user. Are they secure enough?