🤝 Contributors Wanted!¶

Join Us in Building the Future of Agentic AI Security Education¶

fischer³ Agentic Security Education is an open-source project dedicated to teaching Agentic AI security through hands-on, break-first learning. Currently, we are focused on Agent to Agent (A2A) protocol and Model Context Protocol (MCP) security, but we are looking to expand into more scenarios. We're looking for passionate contributors to help us grow and improve this platform.

Whether you're a security expert, developer, educator, or student - we want your help!

🎯 Why Contribute?¶

For Your Career¶

• ✅ Portfolio-worthy work - Show real security implementations to employers
• ✅ GitHub contributions - Build your open-source profile
• ✅ Industry recognition - Get credited in a growing security education platform
• ✅ Skill development - Deepen your security knowledge by teaching others
• ✅ Networking - Connect with security professionals worldwide

For the Community¶

• ✅ Global impact - Help thousands of learners understand security
• ✅ Reduce vulnerabilities - Better-educated developers = more secure systems
• ✅ Knowledge sharing - Your expertise benefits everyone
• ✅ Open source - Freely accessible education for all

For Personal Growth¶

• ✅ Learn by teaching - The best way to master security is to explain it
• ✅ Collaborative experience - Work with other security professionals
• ✅ Real-world application - Create production-ready security examples
• ✅ Satisfaction - Know you're making security education better

🚀 Ways to Contribute¶

We welcome contributions of all sizes and types!

🔐 Create New Security Examples¶

What we need: More real-world vulnerability demonstrations

Examples we're looking for: - Healthcare systems (HIPAA compliance patterns) - Financial services (PCI-DSS examples) - IoT/embedded devices (hardware vulnerabilities) - Cloud infrastructure (AWS/Azure/GCP security) - API security (REST, GraphQL vulnerabilities) - Supply chain attacks (dependency vulnerabilities) - Mobile app security (Android/iOS) - Database security (SQL injection, NoSQL attacks) - Cryptography failures (weak algorithms, key management) - Authentication/authorization flaws

Format: Follow our 3-stage progression: 1. Stage 1: Completely vulnerable system 2. Stage 2: Partial security with sophisticated bypasses 3. Stage 3: Production-grade security that blocks all attacks

Time investment: 20-40 hours depending on complexity

Recognition: Full credit as example author, listed in contributors

📚 Improve Documentation¶

What we need: Clearer explanations, better examples, more tutorials

Opportunities: - Write beginner-friendly guides - Add more code comments - Create video tutorial scripts - Improve README files - Add diagrams and visualizations - Write blog posts about examples - Create quick reference guides

Skills needed: Technical writing, security knowledge, clarity

Time investment: 1-10 hours per improvement

Recognition: Contributor credit, documentation author attribution

🧪 Add Tests and Validation¶

What we need: Comprehensive test coverage for all examples

Opportunities: - Write unit tests for security components - Create integration tests - Add attack validation tests - Build automated security checks - Create CI/CD pipelines - Add code quality tools

Skills needed: Testing frameworks (pytest, jest), security testing

Time investment: 5-15 hours per example

Recognition: Testing contributor credit

🌍 Translate Content¶

What we need: Examples and documentation in multiple languages

Languages wanted: - Spanish - Mandarin Chinese - Hindi - Portuguese - French - German - Japanese - Arabic - Russian - And more!

What to translate: - README files - Documentation - Code comments - Video subtitles - User interfaces

Skills needed: Bilingual, technical terminology understanding

Time investment: Varies by content length

Recognition: Translation credit, language maintainer status

🎨 Create Visual Content¶

What we need: Better diagrams, graphics, and visual explanations

Opportunities: - Attack flow diagrams - Architecture diagrams - Security concept illustrations - Video animations - Infographics - Presentation slides

Skills needed: Design tools (Figma, Adobe, draw.io)

Time investment: 2-8 hours per visual

Recognition: Visual content creator credit

🐛 Fix Bugs and Issues¶

What we need: Bug fixes, code improvements, optimization

Opportunities: - Fix reported bugs - Improve code quality - Optimize performance - Refactor for clarity - Update dependencies - Fix documentation errors

Skills needed: Programming, debugging, relevant tech stack

Time investment: 1-5 hours per fix

Recognition: Bug fix contributor credit

💡 Propose New Ideas¶

What we need: Fresh perspectives and innovative approaches

Opportunities: - Suggest new example categories - Propose teaching methodology improvements - Recommend tools and technologies - Share use cases - Identify gaps in coverage

Skills needed: Creative thinking, security knowledge

Time investment: 30 minutes to discuss ideas

Recognition: Idea contributor credit if implemented

👥 Who We're Looking For¶

🎓 Security Professionals¶

Your expertise is invaluable!

You've seen real attacks, built secure systems, performed penetration tests. Share that knowledge: - Create realistic vulnerability examples - Review security implementations - Suggest attack vectors - Validate defense patterns - Share war stories (anonymized)

Impact: Your real-world experience makes examples more authentic and valuable.

💻 Software Developers¶

You build the systems that need to be secure!

Contribute: - Implement security patterns in various languages/frameworks - Create CI/CD security examples - Build secure API examples - Add mobile/web security examples - Improve code quality

Impact: Show other developers practical, working security implementations.

📖 Educators and Trainers¶

You know how to teach effectively!

Contribute: - Design learning paths - Create curriculum modules - Write teaching guides - Develop exercises and quizzes - Improve explanations - Create video content

Impact: Make security education more accessible and effective.

🎯 Students and Learners¶

Learn by contributing!

Start with: - Fix documentation typos - Improve code comments - Test examples and report issues - Translate content - Create beginner guides - Share your learning journey

Impact: Your fresh perspective helps identify what's confusing to learners.

🏁 Getting Started¶

Step 1: Explore the Project¶

# Clone the repository
git clone https://github.com/fischer3-net/agentic-security-education.git

# Navigate to the project
cd fischer3-security-education

# Install dependencies
pip install -r requirements.txt

# Run existing examples
cd examples/adversarial_agents/stage1_vulnerable
python demo_attacks.py

Familiarize yourself with: - The 3-stage progression methodology - Existing examples (especially adversarial agents) - Documentation structure - Code style and conventions

Step 2: Choose Your Contribution¶

Good First Issues: Check GitHub issues tagged good-first-issue

For new examples: 1. Open a discussion about your proposed example 2. Get feedback from maintainers 3. Follow the example template (see below)

For other contributions: 1. Check existing issues for something that interests you 2. Comment on the issue to claim it 3. Follow the contribution guidelines

Step 3: Fork and Create Branch¶

# Fork the repository on GitHub (click Fork button)

# Clone your fork
git clone https://github.com/YOUR_USERNAME/agentic-security-education.git

# Create a feature branch
git checkout -b feature/your-contribution-name

Step 4: Make Your Changes¶

Follow our standards: - ✅ Use clear, descriptive variable names - ✅ Add comprehensive docstrings - ✅ Include type hints (Python) - ✅ Write self-documenting code - ✅ Add comments for complex logic - ✅ Follow PEP 8 (Python) or language-specific style guides - ✅ Create self-contained demonstrations - ✅ Include educational explanations

Step 5: Test Your Changes¶

# Run your example
python your_example.py

# Verify attacks work in Stage 1
# Verify bypasses work in Stage 2
# Verify defenses work in Stage 3

# Check for errors
python -m py_compile your_file.py

Step 6: Submit Pull Request¶

# Commit your changes
git add .
git commit -m "Add: [Brief description of your contribution]"

# Push to your fork
git push origin feature/your-contribution-name

# Create Pull Request on GitHub
# Fill out the PR template completely

PR Checklist: - [ ] Code follows project style guidelines - [ ] All examples run successfully - [ ] Documentation is complete - [ ] Self-tests included - [ ] README updated if needed - [ ] No security credentials exposed - [ ] Fictitious data is clearly fake

📋 Example Template¶

When creating a new security example, use this structure:

examples/your_example/
├── README.md                      # Complete overview
├── SECURITY_ANALYSIS.md           # Detailed vulnerability analysis
├── requirements.txt               # Dependencies
├── stage1_vulnerable/
│   ├── README.md                  # Stage-specific docs
│   ├── demo_attacks.py           # Attack demonstrations
│   ├── [your_code_files]
│   └── ...
├── stage2_partial/
│   ├── README.md
│   ├── demo_bypasses.py          # Bypass demonstrations
│   ├── [your_code_files]
│   └── ...
└── stage3_secure/
    ├── README.md
    ├── demo_defenses.py          # Defense demonstrations
    ├── [your_code_files]
    └── ...

Each stage should include: - Clear documentation - Working code - Self-contained demonstrations - Educational explanations - CWE/CVSS mappings where applicable - Real-world incident parallels

See examples/adversarial_agents/ as a complete reference implementation.

💬 Communication Channels¶

GitHub Discussions¶

For: Ideas, questions, general discussions Best for: Open-ended conversations, proposals, feedback

GitHub Issues¶

For: Bug reports, feature requests, specific tasks Best for: Actionable items, tracking work

Email¶

For: Private inquiries, collaboration proposals Contact: info@fischer3.net Best for: Partnership discussions, sensitive topics

Pull Requests¶

For: Code reviews, implementation discussions Best for: Technical feedback, merge discussions

🎖️ Recognition¶

All Contributors¶

Every contributor gets: - Listed in CONTRIBUTORS.md - Credit in relevant documentation - Linked GitHub profile - Contribution statistics

Major Contributors¶

Significant contributions receive: - Special recognition in README - "Core Contributor" badge - Maintainer consideration - Speaking opportunities (conferences, videos)

Example Authors¶

Create a complete example, get: - Full author credit - Example ownership - Ongoing maintenance role - Featured in announcements

📜 Contribution Guidelines¶

Code of Conduct¶

We are committed to: - Respectful, inclusive communication - Welcoming diverse perspectives - Constructive feedback - Professional conduct - Zero tolerance for harassment

Expected behavior: - Be kind and patient - Assume good intentions - Give credit where due - Help newcomers - Focus on what's best for the project

Code Quality Standards¶

All code must: - Follow language style guides - Include comprehensive documentation - Use descriptive naming - Have error handling - Be well-tested - Use safe, fictitious data (no real credentials!)

Security Standards¶

When creating examples: - Use obviously fake credentials (see FICTITIOUS_DATA_NOTICE.md) - Never include real API keys, passwords, etc. - Follow responsible disclosure practices - Don't promote malicious use - Emphasize educational purpose

Documentation Standards¶

All documentation must: - Be clear and beginner-friendly - Include examples - Explain "why" not just "how" - Have proper grammar and spelling - Use consistent formatting - Link to related resources

🚦 Contribution Process¶

1. Proposal Phase¶

• Open a discussion or issue
• Describe your contribution
• Get feedback from maintainers
• Refine scope if needed

2. Development Phase¶

• Create feature branch
• Implement changes
• Test thoroughly
• Document everything

3. Review Phase¶

• Submit pull request
• Address review feedback
• Make requested changes
• Collaborate with maintainers

4. Merge Phase¶

• Final approval from maintainer
• Merge to main branch
• Recognition added
• Celebration! 🎉

❓ Frequently Asked Questions¶

Q: I'm new to security. Can I still contribute?¶

A: Absolutely! Start with documentation improvements, testing, or translations. Learn as you go. Everyone starts somewhere.

Q: How much time commitment is expected?¶

A: Whatever you can give! Contributions range from 30-minute typo fixes to 40-hour example creations. All are valuable.

Q: Will my contribution be accepted?¶

A: If it follows our guidelines, adds value, and maintains quality - yes! We work with contributors to refine proposals.

Q: Can I contribute if I'm not a native English speaker?¶

A: Yes! In fact, we especially need translations. Technical contributions don't require perfect English - we can help with language.

Q: What if I have an idea but can't implement it?¶

A: Share it anyway! Open a discussion. Someone else might implement it, or we can collaborate.

Q: Do I need to sign anything?¶

A: No CLAs required. Contributions are under the MIT license. Your GitHub account is sufficient attribution.

Q: How do I get help if I'm stuck?¶

A: Ask in GitHub Discussions, comment on your PR, or email info@fischer3.net. We're here to help!

Q: Can I contribute proprietary knowledge from my employer?¶

A: Only contribute what you have permission to share publicly. When in doubt, check with your employer. Never share confidential information.

Q: Will this help me get a job?¶

A: Yes! Security contributions show: - Technical skills - Security knowledge
- Communication ability - Collaboration experience - Initiative and passion

Many contributors list their work on resumes and discuss it in interviews.

Q: What if someone else is working on the same thing?¶

A: Check existing issues and PRs first. If someone's already working on it, you can collaborate or choose a different contribution.

🎯 High-Priority Contribution Areas¶

Immediate Needs¶

🔥 Most Wanted: 1. Healthcare security examples (HIPAA patterns) 2. Financial security examples (PCI-DSS patterns) 3. Cloud security examples (AWS/Azure/GCP) 4. Mobile security examples (iOS/Android) 5. API security examples (GraphQL, REST)

📚 Documentation Needs: 1. Beginner's guide to security testing 2. Video tutorial scripts 3. Quick reference guides 4. Concept explainers

🌍 Translation Needs: 1. Spanish translation (high demand) 2. Mandarin Chinese translation 3. Portuguese translation

🧪 Testing Needs: 1. Automated test suites for existing examples 2. Security validation tools 3. CI/CD pipeline improvements

📅 Contribution Timeline¶

Typical Timeline for New Example¶

Weeks 1-2: Planning and design - Discuss proposal - Design architecture - Plan 3-stage progression

Weeks 3-6: Stage 1 implementation - Build vulnerable system - Create attack demonstrations - Document vulnerabilities

Weeks 7-10: Stage 2 implementation - Add partial security - Create bypass attacks - Document gaps

Weeks 11-14: Stage 3 implementation - Add comprehensive security - Verify attack prevention - Document defenses

Weeks 15-16: Documentation and review - Complete all README files - Create security analysis - Submit for review

Total: ~4 months for complete example

Don't let this scare you off! You can: - Work at your own pace - Submit stages individually - Collaborate with others - Start smaller (documentation, tests, fixes)

🌟 Success Stories¶

We Need YOU to Create Ours!¶

This is a new project, and you can be among the first contributors. Your early contributions will have outsized impact as the project grows.

First contributors receive: - Founding contributor recognition - Priority for maintainer roles - Featured in launch announcements - Lasting influence on project direction

📞 Get Started Today!¶

Ready to contribute?¶

1. ⭐ Star the repository on GitHub
2. 👀 Watch the repository for updates
3. 🗨️ Join discussions to introduce yourself
4. 🔍 Find an issue or propose an idea
5. 🚀 Submit your first PR

Have questions?¶

Email: info@fischer3.net
GitHub: Open a discussion
Issues: Tag maintainers in comments

Want to make a big impact?¶

Propose a complete new example! Email info@fischer3.net with: - Your background - Proposed example topic - Estimated timeline - How we can support you

🙏 Thank You!¶

Thank you for considering contributing to fischer³ Security Education. Every contribution, no matter how small, helps make security education more accessible and effective.

Together, we're building a world where developers truly understand Agentic AI security - by first understanding how to break it.

Let's make security education better, together. 🚀

📄 License¶

By contributing to this project, you agree that your contributions will be licensed under the MIT License.

Project Maintainer: Robert Fischer
Email: info@fischer3.net
GitHub: github.com/robert-fischer3/fischer3-security-education

Last Updated: January 2026
Status: Actively Seeking Contributors
Contributors: Be the first! 🎉