Update docs/Security-Focused-Guide-for-AI-Code-Assistant-Instructions.md

balteravishay · david-a-wheeler · web-flow · commit 7d1bc248e853 · 2025-08-01T12:55:20.000+01:00
Co-authored-by: David A. Wheeler &lt;dwheeler@dwheeler.com&gt;
Signed-off-by: Avishay Balter &lt;avishay.balter@gmail.com&gt;
diff --git a/docs/Security-Focused-Guide-for-AI-Code-Assistant-Instructions.md b/docs/Security-Focused-Guide-for-AI-Code-Assistant-Instructions.md
@@ -1,7 +1,7 @@
 # Security-Focused Guide for AI Code Assistant Instructions
 
 AI code assistants can significantly speed up development, but they need guidance to produce **secure** and robust code. This guide explains how to create custom instructions (e.g. [GitHub Copilot instructions file](https://docs.github.com/en/copilot/how-tos/custom-instructions/adding-repository-custom-instructions-for-github-copilot), [Cline instructions file](https://docs.cline.bot/enterprise-solutions/custom-instructions), [Cursor rules](https://docs.cursor.com/context/rules), [Claude markdown](https://docs.anthropic.com/en/docs/claude-code/common-workflows#create-an-effective-claude-md-file), etc.) that ensure the AI assistant accounts for application code security, supply chain safety, and platform or language-specific considerations and to embed a "security conscience" into the tool. In practice, this means fewer vulnerabilities making it into your codebase. Remember that these instructions should be kept concise, specific, and actionable – the goal is to influence the AI's behaviour without overwhelming it. [[1]](#1)
-
+These recommendations are based on expert opinion and various recommendations in the literature. We encourage experimentation and feedback to improve these recommendations. We, as an industry, are together learning how to best use these tools.
 ---
 
 ## TL;DR
