diff --git a/kubernetes/kubernetes_secret_to_external_secret_gcp.sh b/kubernetes/kubernetes_secret_to_external_secret_gcp.sh
index 1f28f7c5..f5ca8af8 100755
--- a/kubernetes/kubernetes_secret_to_external_secret_gcp.sh
+++ b/kubernetes/kubernetes_secret_to_external_secret_gcp.sh
@@ -35,9 +35,11 @@ Creates a Kubernetes external secret yaml from a given secret in the current or
 
 Useful to migrate existing secrets to external secrets referencing GCP Secret Manager
 
-See kubernetes_secrets_to_external_secrets.sh to quickly migrate all your secrets to external secrets
+See kubernetes_secrets_to_external_secrets_gcp.sh to quickly migrate all your secrets to external secrets
 
-Use kubectl_secrets_download.sh to take a backup of secrets first
+Use kubectl_secrets_download.sh to take a backup of existing kubernetes secrets first
+
+XXX: you should probably omit committing secrets generated by Cert Manager (eg. *-tls)
 
 
 Requires kubectl and GCloud SDK to both be in the \$PATH and configured
diff --git a/kubernetes/kubernetes_secret_to_sealed_secret.sh b/kubernetes/kubernetes_secret_to_sealed_secret.sh
index 38914aa0..e2788f74 100755
--- a/kubernetes/kubernetes_secret_to_sealed_secret.sh
+++ b/kubernetes/kubernetes_secret_to_sealed_secret.sh
@@ -35,7 +35,7 @@ Useful to migrate existing secrets to sealed secrets which are safe to commit to
 
 See kubernetes_secrets_to_sealed_secrets.sh to quickly migrate all your secrets to sealed secrets
 
-Use kubectl_secrets_download.sh to take a backup of secrets first
+Use kubectl_secrets_download.sh to take a backup of existing kubernetes secrets first
 
 
 Requires kubectl and kubeseal to both be in the \$PATH and configured
diff --git a/kubernetes/kubernetes_secrets_to_sealed_secrets.sh b/kubernetes/kubernetes_secrets_to_sealed_secrets.sh
index 7b7ac70c..1c887fef 100755
--- a/kubernetes/kubernetes_secrets_to_sealed_secrets.sh
+++ b/kubernetes/kubernetes_secrets_to_sealed_secrets.sh
@@ -35,9 +35,9 @@ Iterates all non-service-account-token secrets, and for each one:
 
 Useful to migrate existing secrets to sealed secrets which are safe to commit to Git
 
-Use kubectl_secrets_download.sh to take a backup of secrets first
+Use kubectl_secrets_download.sh to take a backup of existing kubernetes secrets first
 
-XXX: you should probably omit committing secrets generated by Cert Manager (eg. *-tls)
+    XXX: you should probably omit committing secrets generated by Cert Manager (eg. *-tls)
 
 
 Requires kubectl and kubeseal to both be in the \$PATH and configured