diff --git a/content/admin/github-actions/enabling-automatic-access-to-githubcom-actions-using-github-connect.md b/content/admin/github-actions/enabling-automatic-access-to-githubcom-actions-using-github-connect.md
index a240606412..588e25c8a3 100644
--- a/content/admin/github-actions/enabling-automatic-access-to-githubcom-actions-using-github-connect.md
+++ b/content/admin/github-actions/enabling-automatic-access-to-githubcom-actions-using-github-connect.md
@@ -13,6 +13,7 @@ topics:
 {% data reusables.actions.enterprise-beta %}
 {% data reusables.actions.enterprise-github-hosted-runners %}
+{% data reusables.actions.enterprise-github-connect-warning %}
 {% data reusables.actions.ae-beta %}
 By default, {% data variables.product.prodname_actions %} workflows on {% data variables.product.product_name %} cannot use actions directly from {% data variables.product.prodname_dotcom_the_website %} or [{% data variables.product.prodname_marketplace %}](https://github.com/marketplace?type=actions).
diff --git a/data/reusables/actions/enterprise-github-connect-warning.md b/data/reusables/actions/enterprise-github-connect-warning.md
new file mode 100644
index 0000000000..ce755253ef
--- /dev/null
+++ b/data/reusables/actions/enterprise-github-connect-warning.md
@@ -0,0 +1,7 @@
+{% if enterpriseServerVersions contains currentVersion and currentVersion ver_gt "enterprise-server@2.21" %}
+{% note %}
+
+**Note:** With {% data variables.product.prodname_github_connect %} enabled, {% data variables.product.prodname_actions %} will try to find the repository on your {% data variables.product.prodname_ghe_server %} instance first before falling back to {% data variables.product.prodname_dotcom %}. If a user creates an organization and repository in your enterprise that matches an organization and repository name on {% data variables.product.prodname_dotcom %}, the repository on your enterprise will be used in place of the {% data variables.product.prodname_dotcom %} repository. A malicious user could take advantage of this behavior to run code as part of a workflow.
+
+{% endnote %}
+{% endif %}