diff --git a/README.md b/README.md index 4150694..f31c5ff 100644 --- a/README.md +++ b/README.md @@ -51,8 +51,11 @@ It is recommended that a dedicated user is used to create `destination-token` and that `destination-fork-repo` is always used unless the users who are able to create pull requests are trusted. -When the PR is from a forked repository, the `update` script is checked out from -the default branch instead of the head branch of the fork. +When the PR is from a forked repository, the `update` script is run +from the default branch of the base repository instead of the head +branch of the fork. The pull request author must not be trusted +and it is imperative that the `update` script never runs anything +found in the head branch of the pull request. If the fork of the destination repository is specified and it does not exist, it is created. diff --git a/action.yml b/action.yml index 2cd0b9a..051682a 100644 --- a/action.yml +++ b/action.yml @@ -50,8 +50,11 @@ description: | `destination-token` and that `destination-fork-repo` is always used unless the users who are able to create pull requests are trusted. - When the PR is from a forked repository, the `update` script is checked out from - the default branch instead of the head branch of the fork. + When the PR is from a forked repository, the `update` script is run + from the default branch of the base repository instead of the head + branch of the fork. The pull request author must not be trusted + and it is imperative that the `update` script never runs anything + found in the head branch of the pull request. If the fork of the destination repository is specified and it does not exist, it is created.
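Review bot: In the README.md hunk, the new sentence "it is imperative that the `update` script never runs anything found in the head branch of the pull request" states a security requirement without saying how the action enforces it. Since this is the property that makes `destination-token` safe to expose to untrusted PR authors, the paragraph should point at the mechanism the reader can verify (which ref the `update` script is actually checked out from when the PR comes from a fork) rather than only asserting the rule; otherwise a reader cannot tell whether the guarantee is documentation or behaviour. The rewording from "checked out from the default branch" to "run from the default branch of the base repository" is a good precision fix and should stay.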
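Review bot: The action.yml hunk duplicates the README.md paragraph word for word inside the `description: |` block. Keeping two copies of a security-critical statement invites drift, so either point the README at action.yml (or vice versa) as the single source, or add a note that the two must be updated together; the subtle wording change in this PR ("checked out from" to "run from the default branch of the base repository") is exactly the kind of edit that is easy to apply to one copy and miss in the other.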