diff --git a/README.md b/README.md
index aa3d7210..22326ca8 100644
--- a/README.md
+++ b/README.md
@@ -14,12 +14,13 @@ This action provides the following functionality for GitHub Actions users:
 
 ## Breaking changes in V5 
 
-- Enhance caching in setup-node with automatic package manager detection in [#1348](https://github.com/actions/setup-node/pull/1348)
+- Enhance caching in setup-node with automatic package manager detection.
+> For workflows with elevated privileges or access to sensitive information, we recommend disabling automatic caching by setting `package-manager-cache: false` when caching is not needed for secure operation.
 
-- Upgrade action to use node24 in [#1325](https://github.com/actions/setup-node/pull/1325)
-Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. [See Release Notes](https://github.com/actions/runner/releases/tag/v2.327.1)
+- Upgrade action to use node24.
+> Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. [See Release Notes](https://github.com/actions/runner/releases/tag/v2.327.1)
 
-For more detailed release notes with documntation updates and dependency upgrades, please track [release notes](https://github.com/actions/setup-node/releases/edit/v5.0.0)
+For more detailed release notes with documntation updates and dependency upgrades, please track [release notes](https://github.com/actions/setup-node/releases/v5.0.0)
 
 ## Usage
 
@@ -160,7 +161,7 @@ steps:
     package-manager-cache: false
 - run: npm ci
 ```
-> If no valid `packageManager` field is detected in the `package.json` file, caching will remain disabled unless explicitly configured.
+> If no valid `packageManager` field is detected in the `package.json` file, caching will remain disabled unless explicitly configured. For workflows with elevated privileges or access to sensitive information, we recommend disabling automatic caching by setting `package-manager-cache: false` when caching is not needed for secure operation.
 
 The action defaults to search for the dependency file (`package-lock.json`, `npm-shrinkwrap.json` or `yarn.lock`) in the repository root, and uses its hash as a part of the cache key. Use `cache-dependency-path` for cases when multiple dependency files are used, or they are located in different subdirectories.
 
diff --git a/dist/setup/index.js b/dist/setup/index.js
index cb3e56a7..ffa02be1 100644
--- a/dist/setup/index.js
+++ b/dist/setup/index.js
@@ -99793,6 +99793,9 @@ function run() {
                 yield (0, cache_restore_1.restoreCache)(cache, cacheDependencyPath);
             }
             else if (resolvedPackageManager && packagemanagercache) {
+                core.info("Detected package manager from package.json's packageManager field: " +
+                    resolvedPackageManager +
+                    '. Auto caching has been enabled for it. If you want to disable it, set package-manager-cache input to false');
                 core.saveState(constants_1.State.CachePackageManager, resolvedPackageManager);
                 yield (0, cache_restore_1.restoreCache)(resolvedPackageManager, cacheDependencyPath);
             }
diff --git a/src/main.ts b/src/main.ts
index f169cef0..01e58e05 100644
--- a/src/main.ts
+++ b/src/main.ts
@@ -73,6 +73,11 @@ export async function run() {
       core.saveState(State.CachePackageManager, cache);
       await restoreCache(cache, cacheDependencyPath);
     } else if (resolvedPackageManager && packagemanagercache) {
+      core.info(
+        "Detected package manager from package.json's packageManager field: " +
+          resolvedPackageManager +
+          '. Auto caching has been enabled for it. If you want to disable it, set package-manager-cache input to false'
+      );
       core.saveState(State.CachePackageManager, resolvedPackageManager);
       await restoreCache(resolvedPackageManager, cacheDependencyPath);
     }