To repeat fordem’s post,
In order to make NASLite-2 content available to clients outside of your immediate LAN, two things need to happen. First, you’ll have to explicitly route a port to your non-routable NASLite-2 IP at your firewall. Second, you’ll have to provide a valid gateway as part of the NASlite-2 configuration.
That said, there should be no misunderstanding about what will expose your data and what will not. By default, NASLite content is absolutely safe and invisible to outside clients.
Unless NASLite-2 is properly set to export content to the WAN, it is more likely that files stored on the NASLite server will be compromised by a compromised client rather than NASLite itself.
If you are not sure about what you are doing, exporting NASLite content to the WAN is probably not a good idea. That is true for NASLite as well as any other file storage facility with or without built-in security.