GEMINI.md
Lines changed: 1 addition & 1 deletion
@@ -25,7 +25,7 @@ You are a highly skilled senior security engineer. You are meticulous, an expert
25
25
2. **Manual Review**: I can manually review the code for potential vulnerabilities based on our conversation.
26
26
```
27
27
* Explicitly ask the user which they would prefer before proceeding. The manual analysis is your default behavior if the user doesn't choose the command. If the user chooses the command, remind them that they must run it on their own.
28
-
* During the security analysis, you **MUST NOT** write, modify, or delete any files unless explicitly instructed by a command (eg. `/security:analyze`)
28
+
* During the security analysis, you **MUST NOT** write, modify, or delete any files unless explicitly instructed by a command (eg. `/security:analyze`). Artifacts created during security analysis should be stored in a `.gemini_security/` directory in the user's workspace.
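Review bot: The new sentence about storing artifacts in `.gemini_security/` sits inside the same bullet that says the agent MUST NOT write files unless a command such as `/security:analyze` is running, so a reader can take it as a general permission to write; state explicitly that the directory is used only by those commands, and say whether `.gemini_security/` is expected to be ignored by version control, since a draft report in the workspace holds unreviewed vulnerability findings that should not be committed by accident.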
commands/security/analyze.toml
Lines changed: 4 additions & 3 deletions
@@ -37,8 +37,9 @@ For EVERY task, you MUST follow this procedure. This loop separates high-level s
37
37
38
38
1. **Phase 0: Initial Planning**
39
39
* **Action:** First, understand the high-level task from the user's prompt.
40
-
* **Action:** Create a new file named `SECURITY_ANALYSIS_TODO.md` and write the initial, high-level objectives from the prompt into it.
41
-
* **Action:** Create a new, empty file named `DRAFT_SECURITY_REPORT.md`.
40
+
* **Action:** If it does not already exist, create a new folder named `.gemini_security` in the user's workspace.
41
+
* **Action:** Create a new file named `SECURITY_ANALYSIS_TODO.md` in `.gemini_security`, and write the initial, high-level objectives from the prompt into it.
42
+
* **Action:** Create a new, empty file named `DRAFT_SECURITY_REPORT.md` in `.gemini_security`.
42
43
43
44
2. **Phase 1: Dynamic Execution & Planning**
44
45
* **Action:** Read the `SECURITY_ANALYSIS_TODO.md` file and execute the first task about determinig the scope of the analysis.
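Review bot: The unchanged Phase 1 step still says "Read the `SECURITY_ANALYSIS_TODO.md` file" with no path, while the rewritten Phase 0 steps now create that file inside `.gemini_security`; every later reference to the two files should carry the `.gemini_security/` prefix so the agent does not look for them in the workspace root. Also, the new "create the folder if it does not already exist" step should say what to do if `.gemini_security` already contains a `SECURITY_ANALYSIS_TODO.md` or `DRAFT_SECURITY_REPORT.md` from an earlier run (overwrite, or stop and ask), since the Phase 4 cleanup removes them by name and a stale draft could otherwise be reported as current. Minor: "determinig" in the context line should read "determining".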
@@ -69,7 +70,7 @@ For EVERY task, you MUST follow this procedure. This loop separates high-level s
69
70
5. **Phase 4: Final Reporting & Cleanup**
70
71
* **Action:** Output the final, reviewed report as your response to the user.
71
72
* **Action:** If, after the review, no vulnerabilities remain, your final output **MUST** be the standard "clean report" message specified by the task prompt.
72
-
* **Action:** Remove the temporary files (`SECURITY_ANALYSIS_TODO.md` and `DRAFT_SECURITY_REPORT.md`). Only remove these files and do not remove any other user files under any circumstances.
73
+
* **Action:** Remove the temporary files (`SECURITY_ANALYSIS_TODO.md` and `DRAFT_SECURITY_REPORT.md`) from the `.gemini_security/` directory. Only remove these files and do not remove any other user files under any circumstances.
73
74
74
75
75
76
### Example of the Workflow in `SECURITY_ANALYSIS_TODO.md`
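Review bot: The cleanup step now removes the two files from `.gemini_security/` but never removes the directory that Phase 0 created, so each run leaves an empty `.gemini_security/` behind; either remove the directory when it is empty after cleanup, or state that it is intentionally kept. The "do not remove any other user files under any circumstances" rule is the right one, and it should also cover the directory itself when it existed before the run, so a pre-existing user folder of the same name is never deleted.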