diff --git a/packages/core-audit/src/with-audit.ts b/packages/core-audit/src/with-audit.ts
index a521816..93a0e07 100644
--- a/packages/core-audit/src/with-audit.ts
+++ b/packages/core-audit/src/with-audit.ts
@@ -22,10 +22,11 @@ export type Audited<F> = F & { readonly __audited: true };
  * is out of scope here.
  */
 export function withAudit<Args extends unknown[], R>(
-  // The auditLog is part of the signature for two reasons: (1) callers must
-  // pass it at bind time, ensuring the dep is available, and (2) future
-  // versions of this wrapper will use it to emit audit events from the
-  // declarative manifest entry directly.
+  // TODO(conformance milestone iii+): wire automated recording from manifest
+  // `audits[]` declarations. For now, the wrapper exists to:
+  //   (1) require callers to pass the auditLog at bind time (dep is available)
+  //   (2) attach the `__audited` brand so the boot-time assertion can verify
+  //       mutating use cases were bound through the audit-aware path.
   auditLog: IAuditLog,
   fn: (...args: Args) => Promise<R>,
 ): Audited<(...args: Args) => Promise<R>> {