diff --git a/src/explainers/upstream_nixpkgs.md b/src/explainers/upstream_nixpkgs.md index d9c402f..48ac497 100644 --- a/src/explainers/upstream_nixpkgs.md +++ b/src/explainers/upstream_nixpkgs.md @@ -1 +1,3 @@ -Say more here later. +We don't recommend using forked or re-exported versions of Nixpkgs. +While this may be convenient in some cases, it can introduce unexpected behaviors and unwanted security risks. +While upstream Nixpkgs isn't bulletproof—nothing in software is!—it has a wide range of security measures in place, most notably continuous integration testing with Hydra, that mitigate a great deal of supply chain risk. diff --git a/src/templates/summary.md b/src/templates/summary.md index f60e0fa..dbde251 100644 --- a/src/templates/summary.md +++ b/src/templates/summary.md @@ -77,6 +77,8 @@ Here's an example: inputs.nixpkgs.url = "github:NixOS/nixpkgs"; } ``` + +If you need a customized version of Nixpkgs, we recommend using methods like [overlays] and per-package [overrides].
@@ -87,3 +89,5 @@ Here's an example: [flake-lock-action]: https://github.com/determinateSystems/update-flake-lock [nixos]: https://github.com/nixos +[overlays]: https://nixos.wiki/wiki/Overlays +[overrides]: https://ryantm.github.io/nixpkgs/using/overrides
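Review bot: In src/explainers/upstream_nixpkgs.md, the added text says forks "can introduce unexpected behaviors and unwanted security risks" without naming a single one, and "re-exported" is never defined, so a reader cannot tell which inputs the recommendation covers or what it protects against. Suggest defining "re-exported" with one example and stating at least one concrete risk. The last sentence credits "continuous integration testing with Hydra" with mitigating supply chain risk but does not say how; one clause on what that testing actually checks would make the claim verifiable. Minor style point: two consecutive sentences open with "While".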
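Review bot: In the src/templates/summary.md hunk at @@ -77, the new sentence after the `inputs.nixpkgs.url = "github:NixOS/nixpkgs";` example recommends [overlays] and [overrides] but gives no reason and no pointer to the rationale that this same patch adds in src/explainers/upstream_nixpkgs.md. Suggest linking to that explainer from this sentence, and stating that the customization is applied on top of the upstream input shown in the example rather than by swapping the input URL, so the recommendation reads as an alternative to forking and not as an unrelated tip.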
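Review bot: In the src/templates/summary.md hunk at @@ -87, both new link targets are hosted outside the upstream project: [overlays] points at nixos.wiki and [overrides] at ryantm.github.io/nixpkgs, which by its hostname is a personal GitHub Pages rendering of the manual. In a change whose whole message is to prefer upstream over forked or re-exported copies, the references should follow the same rule. Suggest pointing both at the corresponding sections of the official Nixpkgs manual so the documentation does not depend on third-party mirrors that may drift or disappear.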