If you manually set read only permissions on the right data folder after generating the configs, you can turn it into a readonly app. You can probably manually connect your own configs to the right user accounts as well but then that's a lot of work for a site that only generates QR codes and download links.
This project isn't much more than a script to generate and manage configs with an optional layer of SAML accounts on top. Especially with WireGuard's simple configuration it doesn't need to do any more than that. There are no security parameters with unsafe defaults, complicated configuration processes, certificate generation and signing process that other VPN systems fall victim to. There's a 6 line config file containing a private key generated by the official WireGuard tool and that's it.
While I've always avoided many complicated openvpn config tools like the plague (that of pfsense for one), I think WireGuard is simple enough to be configured like this.
I'd rather have a simple script and push updates to a "read-only" webapp.