From 6b4b830f63d438fcae80ab8a56bbf88de052e146 Mon Sep 17 00:00:00 2001
From: Rafael Gonzaga <rafael.nunu@hotmail.com>
Date: Fri, 4 Nov 2022 10:49:50 -0300
Subject: [PATCH] Update SECURITY.md

Co-authored-by: Matteo Collina <matteo.collina@gmail.com>
---
 SECURITY.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/SECURITY.md b/SECURITY.md
index e602b7e51d0254..4326da6c83ebea 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -93,7 +93,8 @@ Vulnerabilities related to this case may be fixed by a documentation update.
 2. The operating system that Node.js is running under and its configuration,
    along with anything under control of the operating system.
 3. The code it is asked to run including JavaScript and native code, even if
-   said code is dynamically loaded. The code run inherits all the privileges of
+   said code is dynamically loaded, e.g. all dependencies installed from the npm registry.
+   The code run inherits all the privileges of
    the execution user.
 4. Inputs provided to it by the code it is asked to run, as it is the
    responsibility of the application to perform the required input validations.