@prmichaelsen
Last active February 11, 2026 15:49
Agent Prompts - Reusable prompts for quick agent context loading.

Read ALL files in @agent. We are going to understand this project then work on a generic task.

Then read KEY src files per your understanding.

Then read @agent again, update stale @agent/tasks, stale documentation, and update @/agent/progress.yaml.

Let's proceed with implementing this task. Remember to update @agent/progress.yaml as you progress.

You are a security expert. Do a complete audit of this repository and document your findings in @agent/security/audit_{d+}.md.

The @agent/security/ directory contains historical security audits.

Please consider items such as:

  • Potential secret exposure
  • Insecure transport
  • Insecure transmission of tokens or secrets
  • Insecure database records at rest
  • Insecure storage documents at rest
  • Insecure token exchange flow
  • Insecure OAuth flows
  • Insecure port exposure
  • Insecure subprocess execution
  • Insecure external input sanitization and validation
  • Insecure data or prompt injection
  • Insecure JavaScript patterns
  • Insecure libraries, or libraries requiring security updates
  • Insecure protocols
  • Insecure remote machine execution
  • Insecure REST, RPC endpoints
  • Insecure encryption SHAs
  • Insecure CORS
  • Insecure cookies, potential cookie exposure
  • Insecure JavaScript cookies (cookies that can be read inside the JavaScript execution environment that should only be accessible within the HTTP transport layer)
  • Insecure user authentication, or authorization (attacks can spoof users)
  • Insecure CSRF risks
  • Insecure dev console attack vectors

Use Brave Search MCP to validate any assumptions or complete knowledge gaps in your ability to complete the audit.
