What CAN you do, really?
You could start listening in to the sensor values, recording them, not sure if there's any value to that.
You could start to inject fake sensor values by creating transmissions to the receiving node. But as long as your receiver is doing basic sanity checking on the values received that should never cause problems such as buffer overflows. At worst it would poison the logged data.
The ESP8266 has an OTA firmware update method, that should come with a good password. Another way to prevent attacks here is to only make OTA available for a short period of time, say 1 minute upon starting up of the device, after which it just doesn't listen. This way you can only update the device if you also have physical access to it.