README.md in scrub_params-0.0.1 vs README.md in scrub_params-0.0.2

- old
+ new

@@ -1,11 +1,13 @@ # Scrub Params :lock: Secure Rails parameters by default -> Insecure by default is insecure - HTML has no business in most parameters. Take the **whitelist approach** and remove it by default. + +**Note:** Rails has done amazing work to prevent XSS, but storing `<script>badThings()</script>` in your database makes it much easier to make mistakes. + +Works with Rails 3.2 and above. ## Get Started Add this line to your application’s Gemfile:
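
Review bot: The added **Note:** line says that storing `<script>badThings()</script>` "makes it much easier to make mistakes" without naming a mistake, so a reader cannot tell what the gem covers beyond the XSS protection the same sentence credits to Rails. Consider naming one concrete case, for example a view that outputs a stored value with `raw` or `html_safe`, and stating that scrubbing parameters is in addition to output escaping, not a replacement for it. The added "Works with Rails 3.2 and above." line would also be easier to rely on if it said how that range is checked or pointed at the dependency constraint that enforces it, which is not visible in this hunk.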