In case where the admin wallet has been hacked, the attacker can drain all funds out of the project within minutes. All the attacker needs is the admin to sign a single meta/normal tx. Even though the likelihood of the admin wallet being hacked might be low, the impact is critical.
Mitigation:
Consider removing the meta tx for HomeFionlyAdmin modifier (i.e. usg msg.sender instead of _msgSender()), given that it’s not going to be used that often it may be worth giving up the comfort for hardening security