@meta
  v: 1
  route: /contribute
  generated: 2026-06-07T00:00:00Z
  ttl: 1h

@intent
  purpose:    How to contribute to TechMages and Warlock OS, and the Code of Ethics every contributor affirms before submitting code.
  audience:   contributor, security-pro, agent
  capability: read, contribute

@state
  lanes[6]{id,summary}:
    code,"new modules, bug fixes, gate hardening, tests — Python FastAPI backend, Ink/React TUI, React/Vite web UI"
    docs,"setup guides, build-your-own BOM, module how-tos, corrections"
    hardware,"build the deck from the BOM, report results, test SDR/GPS/mesh peripherals"
    field-reports,"what held up on a real authorized engagement, what was missing"
    triage,"reproduce issues, confirm bugs, review PRs, help newcomers"
    disclosure,"report security flaws in the tooling privately via GitHub security advisory"
  code-of-ethics[8]{n,pledge}:
    1,"Authorization before action — only systems I own or am authorized in writing to test"
    2,"Honest scope — truthful and narrow; never expanded to unauthorized targets"
    3,"Accountability over deniability — never strip/disable the audit trail, gate, or kill switch"
    4,"Capability, not weaponry — no features built to evade detection or harm non-consenting third parties"
    5,"Responsible disclosure — disclose vulns responsibly, give owners time to fix"
    6,"Respect for privacy — minimize captured data; never publish others' data without consent"
    7,"Teach, don't enable — share knowledge to make defenders better"
    8,"Own the outcome — don't do what you wouldn't want read back from the signed audit trail"
  wont-merge[4]:
    - "anything whose only purpose is to defeat the gate, scope check, kill switch, or attestation trail"
    - "stealth / anti-forensics features built to hide unauthorized activity"
    - "targeting / mass-exploitation / credential-harvesting aimed at non-consenting third parties"
    - "secrets, real client data, or captured traffic shipped in the diff"

@actions
  - id: read_ethics
    method: GET
    href: /contribute.html#ethics
  - id: contributing_md
    method: GET
    href: https://github.com/techmages-org/techmages/blob/main/CONTRIBUTING.md
  - id: code_of_ethics_md
    method: GET
    href: https://github.com/techmages-org/techmages/blob/main/CODE_OF_ETHICS.md
  - id: open_issue
    method: GET
    href: https://github.com/techmages-org/techmages/issues
  - id: report_security
    method: GET
    href: https://github.com/techmages-org/techmages/security/advisories/new

@context
  > The Contribute page explains the lanes for contributing to TechMages and Warlock OS (code, docs, hardware, field reports, triage, disclosure) and publishes the Code of Ethics every contributor affirms by opening a pull request. The ethos is engineered, not decorative: contributions must not route around the engagement gate, scope enforcement, kill switch, or signed audit trail. The same Code of Ethics ships verbatim in the repository as CODE_OF_ETHICS.md, and full submission mechanics live in CONTRIBUTING.md.

@nav
  self:    /contribute.agent
  parents: [/.agent]
  peers:   [/charter.agent, /index.agent, /warlock.agent, /projects.agent]