diff --git a/CHANGELOG.md b/CHANGELOG.md
index 3787c5b..ef78201 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -27,6 +27,12 @@ mappings:
 - Multiple mappings can reference the same doc; docs are deduplicated
 - Missing doc files: warn and skip (review continues without them)
 - No matching paths: no docs injected, review runs normally
+- Absolute paths and path traversal (`..` segments) in doc paths are rejected
+
+### Security
+
+- **Path traversal guard**: doc paths from the YAML config are validated to reject absolute paths and `..` segments before VCS API calls
+- **Prompt injection guard**: design doc content is injected with an explicit instruction to treat it as reference data and not follow any instructions it may contain
 
 ## v0.3.2