docs: document contributor security posture checks

CONTRIBUTING.md

@@ -265,6 +265,34 @@ Do **not** commit generated registry artifacts in a normal PR. These files are c
 - `data/bundles.json`
 - `data/aliases.json`
 
+### Security-Sensitive Review (New Skills)
+
+If your skill contains:
+
+- shell commands or command-like examples (`curl`, `wget`, `bash`, `powershell`, `irm`, etc.),
+- network instructions or credential/token examples,
+- direct file-system, process, or mutation guidance,
+
+add one extra preflight pass:
+
+```bash
+npm run security:docs
+npm test
+```
+
+Expected outcome:
+
+- ✅ no blocked high-risk examples unless justified,
+- ✅ explicit allowlist comments for any deliberate high-risk documentation command patterns
+  (`<!-- security-allowlist: ... -->`),
+- ✅ an explicit note in the PR description if examples are intentionally risky and the intended usage requires local admin/hosted environments.
+
+For offensive or destructive-capability skills, also verify:
+
+- `risk:` is set to `offensive` or `critical` as appropriate,
+- any user confirmation and authorization preconditions are explicit in the instructions,
+- the standard "Authorized Use Only" disclaimer is present in the skill when relevant.
+
 Optional hardening pass:
 
 ```bash
@@ -413,6 +441,7 @@ Before submitting your contribution:
 - [ ] I've tested the skill with an AI assistant
 - [ ] I've run `npm run validate`
 - [ ] I've run `npm run validate:references` and `npm test` when my change affects docs, workflows, or infrastructure
+- [ ] I ran the docs security scan (`npm run security:docs`) for any skill containing commands, network access, credentials, or destructive guidance
 - [ ] I did **not** include generated registry artifacts (`CATALOG.md`, `skills_index.json`, `data/*.json`) in this PR
 - [ ] My commit message is clear (e.g., "feat: add docker-compose skill")
 - [ ] I enabled **Allow edits from maintainers** on the PR