diff --git a/README.md b/README.md
index 7502ad5..fdc37c9 100644
--- a/README.md
+++ b/README.md
@@ -1,2 +1,13 @@
 # npm-audit
 
+runs security checks for node projects
+
+## Steps
+### npm-audit
+```
+'npm audit' is run against the project files to scan for vulnerabilities in dependencies
+```
+
+## TODO
+- expand this repository to do more than dependency steps, as of now it doesn't make a ton of sense for this to be its own action/repo
+- add static code analysis step
\ No newline at end of file