Add valid signal criteria to community blocklist documentation

- Clarify what signals count toward community contribution
- Explain hash verification process for scenario validation
- Document exclusion of custom and modified scenarios
- Provide guidance on ensuring signals are counted
- Add practical example of modified scenario impact
- Update both main docs and v1.7 versioned docs

Author: LaurenceJJones

crowdsec-docs/docs/central_api/blocklist.md

@@ -29,6 +29,30 @@ The content of the blocklist is unique to each Security Engine, as it mirrors th
 
 The *Community Blocklist* contains 15 thousand malicious IP's based on your reported scenarios.
 
+### What Counts as a Valid Signal?
+
+For your signals to be counted toward community contribution, they must meet specific criteria:
+
+#### What We Count
+
+- **Signals generated by official CrowdSec scenarios from the Hub, unmodified**
+- We verify this by comparing the scenario's content hash we publish with the hash your engine reports
+
+#### What We Do Not Count
+
+- **Custom scenarios you write yourself**
+- **Tainted or modified scenarios** (even small edits). We cannot reliably vet behavior once a scenario is changed, so the consensus engine ignores those signals
+
+#### Example
+
+If you only run a honeypot with a scenario you have modified, your local alerts will still fire, but the consensus engine will not use those signals. You can then show up as "not actively contributing," even though you see activity locally.
+
+#### How to Make Sure Your Signals Count
+
+- **Use the scenario straight from the Hub without edits**
+- **Keep auto-updates on** so hashes stay in sync
+- **If you need custom behavior**, copy to a local scenario and use it, but understand those signals will be excluded from consensus
+
 ## Community Blocklist (Premium)
 
 Paying users' Security Engine are automatically subscribed to the *Community Blocklist (Premium)*, which contains IPs that mirror their installed scenarios.

crowdsec-docs/versioned_docs/version-v1.7/central_api/blocklist.md

@@ -29,6 +29,30 @@ The content of the blocklist is unique to each Security Engine, as it mirrors th
 
 The *Community Blocklist* contains 15 thousand malicious IP's based on your reported scenarios.
 
+### What Counts as a Valid Signal?
+
+For your signals to be counted toward community contribution, they must meet specific criteria:
+
+#### What We Count
+
+- **Signals generated by official CrowdSec scenarios from the Hub, unmodified**
+- We verify this by comparing the scenario's content hash we publish with the hash your engine reports
+
+#### What We Do Not Count
+
+- **Custom scenarios you write yourself**
+- **Tainted or modified scenarios** (even small edits). We cannot reliably vet behavior once a scenario is changed, so the consensus engine ignores those signals
+
+#### Example
+
+If you only run a honeypot with a scenario you have modified, your local alerts will still fire, but the consensus engine will not use those signals. You can then show up as "not actively contributing," even though you see activity locally.
+
+#### How to Make Sure Your Signals Count
+
+- **Use the scenario straight from the Hub without edits**
+- **Keep auto-updates on** so hashes stay in sync
+- **If you need custom behavior**, copy to a local scenario and use it, but understand those signals will be excluded from consensus
+
 ## Community Blocklist (Premium)
 
 Paying users' Security Engine are automatically subscribed to the *Community Blocklist (Premium)*, which contains IPs that mirror their installed scenarios.