diff --git a/README.md b/README.md index 83da6045af..4cf9df33d4 100644 --- a/README.md +++ b/README.md @@ -23,6 +23,9 @@ a binary file. Auditors can backtrace from these candidate points to find pathwa * Support for C/C++ binary targets compiled for any architecture implemented by IDA Pro. * Bad API function call locations are printed to stdout and marked in the IDB. * Known bad API functions are grouped in tiers of badness to help prioritize the audit work. + * [BAD 0] High priority - Functions that are generally considered insecure + * [BAD 1] Medium priority - Interesting functions that should be checked for insecure use cases. + * [BAD 2] Low priority - Code paths involving these functions should be carefully checked. * The list of known bad API functions can be easily customized by editing `conf/rhabdomancer.toml`. ## Blog post diff --git a/src/lib.rs b/src/lib.rs index 3fdceafa49..1dcbcb60a1 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -15,6 +15,9 @@ //! * Support for C/C++ binary targets compiled for any architecture implemented by IDA Pro. //! * Bad API function call locations are printed to stdout and marked in the IDB. //! * Known bad API functions are grouped in tiers of badness to help prioritize the audit work. +//! * [BAD 0] High priority - Functions that are generally considered insecure +//! * [BAD 1] Medium priority - Interesting functions that should be checked for insecure use cases. +//! * [BAD 2] Low priority - Code paths involving these functions should be carefully checked. //! * The list of known bad API functions can be easily customized by editing `conf/rhabdomancer.toml`. //! //! ## Blog post
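Review bot: In the README.md hunk, the added `[BAD 0]` bullet ends without a period while the `[BAD 1]` and `[BAD 2]` bullets end with one; add the period so the three lines are consistent. The `[BAD 1]` and `[BAD 2]` descriptions ("should be checked for insecure use cases" versus "should be carefully checked") also read as nearly the same instruction, so a reader cannot tell from this text what separates medium from low priority. Consider stating the distinguishing criterion for each tier.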
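Review bot: In the src/lib.rs hunk, the three added `//!` lines put the tier labels `[BAD 0]`, `[BAD 1]` and `[BAD 2]` in bare square brackets, which Markdown can read as link-reference syntax, and these doc comments are rendered as Markdown by rustdoc. Wrapping each label in backticks would keep it literal in the generated documentation. The added lines also repeat the README.md bullets word for word, including the missing period on the `[BAD 0]` line, so any wording fix needs to be applied in both files.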