diff --git a/lib/domain.js b/lib/domain.js
index 85f9eed2243295..fcc8bb0a6dbc69 100644
--- a/lib/domain.js
+++ b/lib/domain.js
@@ -74,6 +74,8 @@ const asyncHook = createHook({
     if (process.domain !== null && process.domain !== undefined) {
       // If this operation is created while in a domain, let's mark it
       pairing.set(asyncId, process.domain[kWeak]);
+      // Promises from other contexts, such as with the VM module, should not
+      // have a domain property as it can be used to escape the sandbox.
       if (type !== 'PROMISE' || resource instanceof Promise) {
         ObjectDefineProperty(resource, 'domain', {
           configurable: true,
diff --git a/lib/internal/trace_events_async_hooks.js b/lib/internal/trace_events_async_hooks.js
index 9a2db5aeee9215..482a635f25edb2 100644
--- a/lib/internal/trace_events_async_hooks.js
+++ b/lib/internal/trace_events_async_hooks.js
@@ -31,6 +31,8 @@ const kEnabled = Symbol('enabled');
 // twice the async_wrap.Providers list is used to filter the events.
 const nativeProviders = new SafeSet(ObjectKeys(async_wrap.Providers));
 const typeMemory = new SafeMap();
+
+// Promises are not AsyncWrap resources so they should emit trace_events here.
 nativeProviders.delete('PROMISE');
 
 function createHook() {