diff --git a/.github/copilot-instructions.md b/.github/copilot-instructions.md
index 1896f00..ec761ea 100644
--- a/.github/copilot-instructions.md
+++ b/.github/copilot-instructions.md
@@ -84,4 +84,15 @@ logger = logging.getLogger(__name__)
 from typing import Optional, List, Dict
 def process_data(items: List[Dict[str, Any]]) -> Optional[str]: ...
+
+# URL parameter validation (required pattern)
+def parse_positive_int_param(value: Optional[str], name: str) -> int:
+ """Validate and parse a URL parameter as a positive integer."""
+ try:
+ parsed = int(value) # type: ignore[arg-type]
+ if parsed <= 0:
+ raise ValueError(f"{name} must be positive")
+ return parsed
+ except (ValueError, TypeError):
+ raise ValueError(f"Invalid {name}: expected a positive integer")
 ```
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index ca2bc0e..7c2d5a2 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -5,6 +5,12 @@ and its design. Once you are ready to submit your contribution, please fork the repository and open a pull request with your changes.
+**Before submitting a PR:**
+- Run `task test` and ensure all tests pass
+- Update tests for any methods/subroutines you modify
+- Validate URL parameters before parsing (use bounds checking, not bare `int()` or `parseInt()`)
+- Do not commit secrets, credentials, or hardcoded tokens
+
 ## Updating the dependencies
 ```bash
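Review bot: `parse_positive_int_param` in the `.github/copilot-instructions.md` hunk enforces only the lower bound, although the CONTRIBUTING.md hunk of the same commit asks for bounds checking instead of a bare `int()`. Because the helper is labelled the required pattern, it is likely to be copied widely, so an optional ceiling is worth adding, for example a `max_value: Optional[int] = None` parameter checked with `if parsed <= 0 or (max_value is not None and parsed > max_value):`. `int()` is also more lenient than a URL parameter usually needs: it accepts surrounding whitespace, a leading `+`, underscores such as `1_000` and non-ASCII digits. If only plain decimal digits are intended, a guard like `if value is None or not (value.isascii() and value.isdigit()): raise ValueError(...)` before the conversion makes that explicit. The closing `raise` inside the `except` block would be clearer as `raise ValueError(...) from None`, since the inner "must be positive" error is caught and replaced there anyway.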