# Contributing
## First-time setup
After cloning, install the pre-commit guard:
scripts/install-pre-commit-hook.sh
This catches accidental credential commits. See SECURITY.md for details on
the patterns detected, the placeholder convention for documentation examples,
and the bypass mechanism for legitimate false positives.