Clarified local dir scan and ensure pre-commit scans only upon push
riverma committed Aug 30, 2024
1 parent 20ab000 commit 93199f3
Showing 1 changed file with 4 additions and 2 deletions.
Expand Up @@ -71,7 +71,7 @@ GitHub Action for Grype vulnerability scanning.
grype version
```

2. Perform a scan of the local repository for vulnerabilities:
2. Perform a scan of the local repository for vulnerabilities. The below checks for vulnerabilities via any common package managers that are detected in your repository. See [Grype supported sources](https://github.com/anchore/grype?tab=readme-ov-file#supported-sources) for more information.

```bash
grype dir:.
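Review bot: the new sentence in step 2 opens with "The below checks", which reads as a dangling subject; "The command below checks for vulnerabilities via any common package managers detected in your repository" is clearer. It would also help to state the scope of `grype dir:.` for readers: it scans the working directory as it exists on disk, so untracked files and build output are included and results can differ from what is actually committed.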
Expand All @@ -95,7 +95,9 @@ GitHub Action for Grype vulnerability scanning.

⚠️ NOTE: We recommend installing this pre-commit hook only if you have downloaded grype, already scanned your repository and addressed any vulnerabilities.

The below steps, once enacted, will ensure that any local `git commit` actions taken will be followed by an automated vulnerability scan. If vulnerabilities at the CRITICAL level are found, the commit will be blocked by default.
⚠️ NOTE: The automated scan described below will NOT check for image vulnerabilities, rather, it uses the package dependency capability of Grype to look for third-party dependencies via `grype dir:.`

The below steps, once enacted, will ensure that any local `git push` actions taken will be followed by an automated vulnerability scan. If vulnerabilities at the CRITICAL level are found, the push will be blocked by default.

1. Install the pre-commit framework via Python:
```bash
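Review bot: the added NOTE and the reworded sentence now describe a scan that runs on `git push`, but the unchanged warning immediately above still calls this a "pre-commit hook" and step 1 installs "the pre-commit framework", which a reader will take to mean commit-time blocking; add a clause such as "the pre-commit framework hook below is configured for the pre-push stage, so commits are not blocked, only pushes" so the two paragraphs agree. Also, in the new NOTE, "rather, it uses" is a comma splice and the sentence has no terminating period; suggest "...will NOT check for image vulnerabilities; instead, it uses the package dependency capability of Grype to look for third-party dependencies via `grype dir:.`."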
