clarify repository scanning (#34)

bluesentinelsec · Michael Long · web-flow · commit fb6d0dbb7c13 · 2024-04-19T10:58:53.000-04:00
Co-authored-by: Michael Long &lt;mlongii@amazon.com&gt;
diff --git a/README.md b/README.md
@@ -9,7 +9,7 @@ Using this action, you can automatically scan supported artifacts with Amazon In
 
 Amazon Inspector for GitHub Actions can be used to detect software vulnerabilities in the following artifacts within your GitHub Actions workflows:
 
-1. Your repository contents
+1. Package dependencies
 2. Container images
 3. Compiled Go and Rust binaries
 4. Archives *(.zip, .tar, .tar.gz)*
@@ -44,9 +44,9 @@ The following examples demonstrate how to use this action:
 - See [here for example workflows](./.github/workflows/).
 
 
-### 1. Scan Repository
+### 1. Scan Package Dependencies
 
-This example will scan your repository contents for vulnerable software packages.
+This example will scan your repository contents for vulnerable software packages, based on contents from files such as requirements.txt.
 
 ```yaml
 - name: Invoke Amazon Inspector Scan
