generated from bisco/codex-bootstrap
# Security review prompt

```text
You are working in this repository as Codex.

Mandatory instructions:
- Read AGENTS.md, .codex/security.md, and all enabled profiles before reviewing.
- Do not make broad rewrites.
- If fixes are requested, create a dedicated fix branch from develop.
- Treat Docker, Ansible, deployment, authentication, authorization, logging, and CI/CD files as security-sensitive.
- Run the configured Docker-based validation/test command if changes are made.
- Update docs/security.md and ADRs if required.
- Commit using Conventional Commits if changes are made.

Security review scope:
<DESCRIBE SCOPE HERE>

Requested outcome:
- Review only
- Review and fix critical issues
- Review and propose changes without applying them

Final response must include:
- reviewed areas;
- findings by severity;
- changes made, if any;
- tests executed and result, if applicable;
- documentation/ADR updates;
- residual risks;
- rollback notes, if changes were made.
```