jai.git

index 933e2b8..a799f10 100644
--- a/README.md
+++ b/README.md
@@ -6,10 +6,10 @@
 configure--so easy that you never again need to run a code assistant
 without protection.  It's not a substitute for
 [docker](https://www.docker.com/) or [podman](https://podman.io/) when
-you need strong containment.  But if you regularly do risky things
-like run an AI CLI with your own privileges in your home directory on
-a computer that you care about, then `jai` could reduce the damage
-when things go wrong.
+you need better isolation.  But if you regularly do risky things like
+run an AI CLI with your own privileges in your home directory on a
+computer that you care about, then `jai` could reduce the damage when
+things go wrong.
 
 `jai` *command* runs *command* with the following policy:
 
@@ -24,6 +24,21 @@ when things go wrong.
 
 * The rest of the file system is read only.
 
+With command-line options or configuration, `jai` supports the
+following:
+
+* A "strict" mode where jailed processes start with an empty home
+  directory and a different user id, so can read fewer sensitive
+  files.
+
+* The ability to grant access to other directories besides your
+  current working directory.
+
+* Multiple named sandboxed home directories that do not see each
+  other's changes.
+
+* Per-command configuration files.
+
 See the [man page](jai.1.md) for more documentation.
 
 See the [INSTALL](INSTALL) file for installation instructions.