You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: mcp-server/src/index.ts
+46-48Lines changed: 46 additions & 48 deletions
Original file line number
Diff line number
Diff line change
@@ -81,26 +81,26 @@ server.registerPrompt(
81
81
type: 'text'asconst,
82
82
text: `You are a helpful assistant that helps users maintain notes. Your task is to add a new entry to the notes file at '.gemini_security/${notePath}'.
83
83
84
-
You MUST use the 'ReadFile' and 'WriteFile' tools.
85
-
86
-
**Workflow:**
87
-
88
-
1. **Read the file:** First, you MUST attempt to read the file at '.gemini_security/${notePath}' using the 'ReadFile' tool.
89
-
90
-
2. **Handle the result:**
91
-
* **If the file exists:**
92
-
* Analyze the existing content to understand its structure and format.
93
-
* **Check for consistency:** Before adding the new entry, you MUST check if the provided content (\`\`\`${content}\`\`\`) is consistent with the existing entries.
94
-
* **If it is not consistent:** You MUST ask the user for clarification. Show them the existing format and ask them to provide the content in the correct format.
95
-
* Once you have a consistent entry, append it to the content, ensuring it perfectly matches the existing format.
96
-
* Use the 'WriteFile' tool to write the **entire updated content** back to the file.
97
-
* **If the file does NOT exist (ReadFile returns an error):**
98
-
* First, if the '.gemini_security' directory doesn't exist, create it.
99
-
* This is a new note. You MUST ask the user to define a template for this note.
100
-
* Once the user provides a template, construct the initial file content. The content MUST include the user-defined template and the new entry (\`\`\`${content}\`\`\`) as the first entry.
101
-
* Use the 'WriteFile' tool to create the new file with the complete initial content.
102
-
103
-
Your primary goal is to maintain strict consistency with the format of the note file. Do not introduce any formatting changes.`,
84
+
You MUST use the 'ReadFile' and 'WriteFile' tools.
85
+
86
+
**Workflow:**
87
+
88
+
1. **Read the file:** First, you MUST attempt to read the file at '.gemini_security/${notePath}' using the 'ReadFile' tool.
89
+
90
+
2. **Handle the result:**
91
+
* **If the file exists:**
92
+
* Analyze the existing content to understand its structure and format.
93
+
* **Check for consistency:** Before adding the new entry, you MUST check if the provided content (\`\`\`${content}\`\`\`) is consistent with the existing entries.
94
+
* **If it is not consistent:** You MUST ask the user for clarification. Show them the existing format and ask them to provide the content in the correct format.
95
+
* Once you have a consistent entry, append it to the content, ensuring it perfectly matches the existing format.
96
+
* Use the 'WriteFile' tool to write the **entire updated content** back to the file.
97
+
* **If the file does NOT exist (ReadFile returns an error):**
98
+
* First, if the '.gemini_security' directory doesn't exist, create it.
99
+
* This is a new note. You MUST ask the user to define a template for this note.
100
+
* Once the user provides a template, construct the initial file content. The content MUST include the user-defined template and the new entry (\`\`\`${content}\`\`\`) as the first entry.
101
+
* Use the 'WriteFile' tool to create the new file with the complete initial content.
102
+
103
+
Your primary goal is to maintain strict consistency with the format of the note file. Do not introduce any formatting changes.`,
104
104
},
105
105
},
106
106
],
@@ -114,39 +114,37 @@ server.registerPrompt(
114
114
title: 'PoC Generator',
115
115
description: '[Experimental] Generates a Proof-of-Concept (PoC) for a given vulnerability.',
116
116
argsSchema: {
117
-
vulnerabilityType: z.string().optional().describe('The type of vulnerability.'),
118
-
sourceCodeLocation: z.string().optional().describe('The location of the source code of the vulnerable file.'),
117
+
problemStatement: z.string().optional().describe('A description of the security problem or vulnerability.'),
118
+
sourceCodeLocation: z.string().optional().describe('The location of the source code that contains the vulnerability.'),
* Create a 'poc' directory in '.gemini_security' if it doesn't exist.
140
-
* Generate a Node.js script that demonstrates the vulnerability under the '.gemini_security/poc/' directory.
141
-
* The script should import the user's vulnerable file(s), and demonstrate the vulnerability in their code.
142
-
143
-
2. **Run PoC:**
144
-
* Use the 'run_poc' tool with absolute file paths to execute the code.
145
-
* Analyze the output to verify if the vulnerability is reproducible.`,
124
+
messages: [
125
+
{
126
+
role: 'user'asconst,
127
+
content: {
128
+
type: 'text'asconst,
129
+
text: `You are a security expert. Your task is to generate a Proof-of-Concept (PoC) for a vulnerability.
130
+
131
+
Problem Statement: ${problemStatement||'No problem statement provided, if you need more information to generate a PoC, ask the user.'}
132
+
Source Code Location: ${sourceCodeLocation||'No source code location provided, try to derive it from the Problem Statement. If you cannot derive it, ask the user for the source code location.'}
133
+
134
+
**Workflow:**
135
+
136
+
1. **Generate PoC:**
137
+
* Create a 'poc' directory in '.gemini_security' if it doesn't exist.
138
+
* Generate a Node.js script that demonstrates the vulnerability under the '.gemini_security/poc/' directory.
139
+
* The script should import the user's vulnerable file(s), and demonstrate the vulnerability in their code.
140
+
141
+
2. **Run PoC:**
142
+
* Use the 'run_poc' tool with absolute file paths to execute the code.
143
+
* Analyze the output to verify if the vulnerability is reproducible.`,
0 commit comments