# Contribute

![Contribute to Product Security Knowledge Base](/files/vDYmFv1iB1Owjcse7OO2)

## What you can contribute

Contributions are welcome when they make the knowledge base more useful, more accurate, more practical, or easier to apply in real security work.

Good contributions usually fall into one of these categories:

* **field-tested fixes** for AppSec, DevSecOps, API Security, Cloud Security, Kubernetes security, CI/CD, or platform security problems;
* **review checklists** that help engineers and security reviewers catch meaningful issues faster;
* **architecture patterns** that explain trust boundaries, control points, failure modes, and trade-offs;
* **diagrams** that make complex security flows easier to understand;
* **small snippets** that are safe, readable, and useful for defensive engineering;
* **labs and interview drills** that teach judgment, not just command memorization;
* **editorial corrections** that improve clarity, accuracy, structure, or American-English phrasing.

## Contribution style

Please keep the tone practical, direct, and operator-friendly. The best additions sound like notes from someone who has actually reviewed systems, shipped fixes, worked with engineers, handled security debt, or explained risk to stakeholders.

Avoid generic advice such as “follow best practices” unless the page explains which practice matters, where it breaks, how to validate it, and what trade-off a team should expect.

## Preferred format

A strong contribution usually includes:

1. the problem or review scenario;
2. the risk in plain language;
3. the recommended control or decision;
4. a short implementation note;
5. validation evidence or a practical test;
6. related links inside this knowledge base when useful.

## What does not fit

This KB is not meant for exploit dumps, offensive automation against real services, low-context vendor marketing, copied documentation, or broad compliance filler with no engineering value.

When in doubt, keep the contribution focused on safer design, better review quality, clearer decisions, and controls a real team can actually operate.

![Product Security Knowledge Base footer](/files/fQNzMAKOWjRP989toSYF)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.product-security.expert/untitled.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.