diff --git a/doc/ci/merge_request_pipelines/index.md b/doc/ci/merge_request_pipelines/index.md index 6697bf9480f..706e83abf44 100644 --- a/doc/ci/merge_request_pipelines/index.md +++ b/doc/ci/merge_request_pipelines/index.md @@ -75,10 +75,10 @@ because, technically, external contributors can disguise their pipeline results by tweaking their GitLab Runner in the forked project. There are multiple reasons about why GitLab doesn't allow those pipelines to be -created in the parent project, but one of the biggest reasons is security. +created in the parent project, but one of the biggest reasons is security concern. External users could steal secret variables from the parent project by modifying -.gitlab-ci.yml. +.gitlab-ci.yml, which could be some sort of credentials. This should not happen. -We're discussing a secure solution about how to run pipelines for merge requests +We're discussing a secure solution of running pipelines for merge requests that submitted from forked projects, see [the issue about the permission extension](https://gitlab.com/gitlab-org/gitlab-ce/issues/23902).
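Review bot: In the added line `+.gitlab-ci.yml, which could be some sort of credentials.` the relative clause attaches to `.gitlab-ci.yml` instead of to the secret variables, so the sentence reads as if the CI file itself were the credentials. Since this sentence is the security rationale for the restriction, I'd put the qualifier next to what is at risk, for example "External users could steal secret variables (such as credentials) from the parent project by modifying `.gitlab-ci.yml`." Two smaller wording points in the same hunk: "one of the biggest reasons is security concern" needs an article ("is a security concern"), or the original "is security" can simply stay; and the context line following the reworded `+We're discussing a secure solution of running pipelines for merge requests` still reads "that submitted from forked projects", which is missing "are" and could be fixed while this sentence is being touched.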