fix: Add security extension disclaimer (#134)

ai-ram-ramani · ramanira · harmjeff · web-flow · commit 879a011c0d75 · 2026-03-20T19:01:58.000Z
* Add disclaimer for security baseline extension

* security disclaimer update

* fix: revert the merge conflict

Removed reference to OWASP Top 10 from security extension rules description.

---------

Co-authored-by: ai-ram-ramani &lt;ramanira@amazon.com&gt;
Co-authored-by: Jeff Harman &lt;109810187+harmjeff@users.noreply.github.com&gt;
Co-authored-by: Scott Schreckengaust &lt;scottschreckengaust@users.noreply.github.com&gt;
diff --git a/README.md b/README.md
@@ -529,7 +529,7 @@ Here's the general flow once an extension is enabled:
 The workflow currently ships with a baseline security extension. 
 
 > [!IMPORTANT]
-> The security extension rules are based on the [OWASP Top 10](https://owasp.org/www-project-top-ten/) and have been tested through controlled experimentation (see [PR #80](https://github.com/awslabs/aidlc-workflows/pull/80)). They are provided as a directional reference for building effective security rules within AI-DLC workflows. Each organization should build, customize, and thoroughly test their own security rules before deploying in production workflows.
+> The security extension rules are provided as a directional reference for building effective security rules within AI-DLC workflows. Each organization should build, customize, and thoroughly test their own security rules before deploying in production workflows.
 
 ```
 aws-aidlc-rule-details/
