diff --git a/schema/tables/xprotect_reports.yml b/schema/tables/xprotect_reports.yml index 60657d4aaa..3fbcce2d76 100644 --- a/schema/tables/xprotect_reports.yml +++ b/schema/tables/xprotect_reports.yml @@ -8,3 +8,5 @@ examples: >- SELECT * FROM xprotect_reports; ``` +notes: | + - In [very specific circumstances](https://github.com/osquery/osquery/issues/6588#issuecomment-1410934706) this table will return empty because xprotect will detect and remediate without generating an eicar file.
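Review bot: In the added `notes:` entry, "very specific circumstances" leaves the actual condition behind a link to an issue comment. Summarise the condition in the note itself so the table documentation still makes sense if the link moves or the reader is offline. The phrase "without generating an eicar file" is also ambiguous for a table named `xprotect_reports`. Say explicitly what is not written in that case: the report this table reads, or the test file itself. Since the note says detection and remediation still happen, it would also help to state that an empty result from `SELECT * FROM xprotect_reports;` does not by itself mean nothing was detected.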