diff --git a/SECURITY.md b/SECURITY.md
index e5273e54..b3f8a2db 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -2,9 +2,19 @@
 
 ## Supported Versions
 
-| Version | Supported          |
-| ------- | ------------------ |
-| main branch  | :white_check_mark: |
+| Version     | Supported          |
+|-------------|--------------------|
+| main branch | :white_check_mark: |
+
+## Important project context
+
+Tactility is foremost a tinkering platform as opposed to a user platform.  It does not have desktop OS security features
+such as user/access management, file system protections, memory protections, app permissions and more.
+
+[ESP Privilege Separation](https://github.com/espressif/esp-privilege-separation) is not implemented nor planned to be implemented.
+It is limited to C3 and S3 hardware, so it wouldn't even work on the original ESP32.
+
+Keep this in mind when reporting vulnerabilities.
 
 ## Reporting a Vulnerability
 
@@ -12,6 +22,7 @@ We appreciate your efforts to responsibly disclose your findings, and we will ma
 
 To report a security issue, please use the GitHub Security Advisory ["Report a Vulnerability"](https://github.com/bytewelder/tactility/security/advisories/new) tab.
 
-You can expect a response indicating the next steps in handling your report. After the initial reply to your report, you'll be kept informed of the progress towards a fix and full announcement, and may ask for additional information or guidance.
+You can expect a response indicating the next steps in handling your report. After the initial reply to your report,
+you'll be kept informed of the progress towards a fix and full announcement, and may ask for additional information or guidance.
 
 Report security bugs in third-party dependencies to the person or team maintaining the module.