diff --git a/artifacthub/library/pod-security-policy/allow-privilege-escalation/1.1.0/samples/psp-allow-privilege-escalation-container/constraint.yaml b/artifacthub/library/pod-security-policy/allow-privilege-escalation/1.1.0/samples/psp-allow-privilege-escalation-container/constraint.yaml
index 1d4f031c4..cfa512d9d 100644
--- a/artifacthub/library/pod-security-policy/allow-privilege-escalation/1.1.0/samples/psp-allow-privilege-escalation-container/constraint.yaml
+++ b/artifacthub/library/pod-security-policy/allow-privilege-escalation/1.1.0/samples/psp-allow-privilege-escalation-container/constraint.yaml
@@ -8,4 +8,4 @@ spec: - apiGroups: [""] kinds: ["Pod"] parameters:
- exemptImages: ["nonexistent/*"]
+ exemptImages: ["safeimages.com/*"]
diff --git a/artifacthub/library/pod-security-policy/allow-privilege-escalation/1.1.0/samples/psp-allow-privilege-escalation-container/example_allowed_exempt.yaml b/artifacthub/library/pod-security-policy/allow-privilege-escalation/1.1.0/samples/psp-allow-privilege-escalation-container/example_allowed_exempt.yaml
new file mode 100644
index 000000000..841e56f89
--- /dev/null
+++ b/artifacthub/library/pod-security-policy/allow-privilege-escalation/1.1.0/samples/psp-allow-privilege-escalation-container/example_allowed_exempt.yaml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Pod
+metadata:
+ name: nginx-privilege-escalation-disallowed
+ labels:
+ app: nginx-privilege-escalation
+spec:
+ containers:
+ - name: nginx
+ image: "safeimages.com/nginx"
+ securityContext:
+ allowPrivilegeEscalation: true
diff --git a/artifacthub/library/pod-security-policy/allow-privilege-escalation/1.1.0/suite.yaml b/artifacthub/library/pod-security-policy/allow-privilege-escalation/1.1.0/suite.yaml
index cd7531cfa..345a7582c 100644
--- a/artifacthub/library/pod-security-policy/allow-privilege-escalation/1.1.0/suite.yaml
+++ b/artifacthub/library/pod-security-policy/allow-privilege-escalation/1.1.0/suite.yaml 
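Review bot: The new `exemptImages: ["safeimages.com/*"]` entry is copied verbatim into the `library/` copy of constraint.yaml and into the `@@ -173` snippet of `website/docs/validation/allow-privilege-escalation.md`, yet nothing at the parameter tells a reader what the exemption switches off; the `example_allowed_exempt.yaml` case added in this same commit shows a pod with `allowPrivilegeEscalation: true` expected to pass, apparently only because its image sits under that prefix. A one-line comment above the parameter would make that cost explicit where users copy the sample: `# Sample prefix only: a pod whose image matches an exemptImages entry skips this check entirely, so keep the list narrow.` The host-like value `safeimages.com` can also read as an endorsed registry; a reserved name such as `registry.example.com/*` avoids that impression. The same comment belongs in the `library/` copy and the doc snippet.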
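Review bot: `metadata.name: nginx-privilege-escalation-disallowed` contradicts what this sample demonstrates: the suite change in this commit asserts `violations: no` for it, while its `securityContext.allowPrivilegeEscalation: true` is the very setting the policy otherwise rejects, so the only reason it is expected to pass is the `safeimages.com/nginx` image matching the constraint's `exemptImages` prefix. Renaming it, e.g. `name: nginx-privilege-escalation-exempt`, keeps the sample self-describing and presumably avoids a name clash with the existing disallowed sample if both are applied to one namespace. Since this is the only sample where a non-compliant securityContext is meant to pass, a header comment would help too: `# Expected: no violation — the image matches the constraint's exemptImages prefix; the securityContext alone would be rejected.` The `library/` copy of this file and the doc snippet in `allow-privilege-escalation.md` carry the same name.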
@@ -23,3 +23,7 @@ tests: object: samples/psp-allow-privilege-escalation-container/update.yaml assertions: - violations: no
+ - name: exempted-path
+ object: samples/psp-allow-privilege-escalation-container/example_allowed_exempt.yaml
+ assertions:
+ - violations: no
diff --git a/library/pod-security-policy/allow-privilege-escalation/samples/psp-allow-privilege-escalation-container/constraint.yaml b/library/pod-security-policy/allow-privilege-escalation/samples/psp-allow-privilege-escalation-container/constraint.yaml
index 1d4f031c4..cfa512d9d 100644
--- a/library/pod-security-policy/allow-privilege-escalation/samples/psp-allow-privilege-escalation-container/constraint.yaml
+++ b/library/pod-security-policy/allow-privilege-escalation/samples/psp-allow-privilege-escalation-container/constraint.yaml
@@ -8,4 +8,4 @@ spec: - apiGroups: [""] kinds: ["Pod"] parameters:
- exemptImages: ["nonexistent/*"]
+ exemptImages: ["safeimages.com/*"]
diff --git a/library/pod-security-policy/allow-privilege-escalation/samples/psp-allow-privilege-escalation-container/example_allowed_exempt.yaml b/library/pod-security-policy/allow-privilege-escalation/samples/psp-allow-privilege-escalation-container/example_allowed_exempt.yaml
new file mode 100644
index 000000000..841e56f89
--- /dev/null
+++ b/library/pod-security-policy/allow-privilege-escalation/samples/psp-allow-privilege-escalation-container/example_allowed_exempt.yaml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Pod
+metadata:
+ name: nginx-privilege-escalation-disallowed
+ labels:
+ app: nginx-privilege-escalation
+spec:
+ containers:
+ - name: nginx
+ image: "safeimages.com/nginx"
+ securityContext:
+ allowPrivilegeEscalation: true
diff --git a/library/pod-security-policy/allow-privilege-escalation/suite.yaml b/library/pod-security-policy/allow-privilege-escalation/suite.yaml
index cd7531cfa..345a7582c 100644
--- a/library/pod-security-policy/allow-privilege-escalation/suite.yaml 
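Review bot: The new `exempted-path` case only proves that an image under the exempt prefix is let through; nothing in the suite pins where the exemption stops, so a template change that matched more loosely than intended (for instance on `safeimages.com` without the trailing `/`) would still pass every case here. A companion case reusing the same pod spec with an image that merely begins with similar characters but is not under `safeimages.com/` (e.g. `safeimages.community/nginx`, constructed) and `violations: 1` would document that boundary; whether it violates today depends on the template's matching rules, which are not part of this diff. The same addition applies to the `library/` copy of `suite.yaml` below.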
+++ b/library/pod-security-policy/allow-privilege-escalation/suite.yaml
@@ -23,3 +23,7 @@ tests: object: samples/psp-allow-privilege-escalation-container/update.yaml assertions: - violations: no
+ - name: exempted-path
+ object: samples/psp-allow-privilege-escalation-container/example_allowed_exempt.yaml
+ assertions:
+ - violations: no
diff --git a/website/docs/validation/allow-privilege-escalation.md b/website/docs/validation/allow-privilege-escalation.md
index e36f36688..66d6c037e 100644
--- a/website/docs/validation/allow-privilege-escalation.md
+++ b/website/docs/validation/allow-privilege-escalation.md
@@ -173,7 +173,7 @@ spec: - apiGroups: [""] kinds: ["Pod"] parameters: - exemptImages: ["nonexistent/*"] + exemptImages: ["safeimages.com/*"] ```
@@ -262,6 +262,32 @@ Usage kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/pod-security-policy/allow-privilege-escalation/samples/psp-allow-privilege-escalation-container/disallowed_ephemeral.yaml ```
+
+
+exempted-path
+
+```yaml
+apiVersion: v1
+kind: Pod
+metadata:
+ name: nginx-privilege-escalation-disallowed
+ labels:
+ app: nginx-privilege-escalation
+spec:
+ containers:
+ - name: nginx
+ image: "safeimages.com/nginx"
+ securityContext:
+ allowPrivilegeEscalation: true
+
+```
+
+Usage
+
+```shell
+kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/pod-security-policy/allow-privilege-escalation/samples/psp-allow-privilege-escalation-container/example_allowed_exempt.yaml
+```
+