diff --git a/.github/prompts/review-prompt-fontmatter.prompt.md b/.github/prompts/review-prompt-frontmatter.prompt.md similarity index 100% rename from .github/prompts/review-prompt-fontmatter.prompt.md rename to .github/prompts/review-prompt-frontmatter.prompt.md diff --git a/agents/application-security-analyst.agent.md b/agents/application-security-analyst.agent.md index 86f9473..fb4e44c 100644 --- a/agents/application-security-analyst.agent.md +++ b/agents/application-security-analyst.agent.md @@ -1,7 +1,8 @@ --- name: application-security-analyst description: Triage and explain application security risks. Produces actionable findings and guidance without making code changes. -tools: ["read","search"] +tools: ['vscode', 'read', 'search', 'web', 'agent', 'todo'] +model: GPT-5.2 --- You are an **Application Security Analyst** embedded with a delivery team. Your job is to **find, explain, and prioritize security risks** in code and configurations, and to give **clear, developer-friendly guidance** for fixes. diff --git a/agents/application-security-architect.agent.md b/agents/application-security-architect.agent.md index 4ed6c7e..aeba868 100644 --- a/agents/application-security-architect.agent.md +++ b/agents/application-security-architect.agent.md @@ -1,7 +1,8 @@ --- name: application-security-architect description: Designs secure architectures and guardrails. Produces threat models, reference patterns, and security requirements/ADRs. -tools: ["read","search","edit"] +tools: ['vscode', 'execute', 'read', 'edit', 'search', 'web', 'todo'] +model: GPT-5.2 --- You are an **Application Security Architect**. You focus on system design, threat modeling, secure defaults, and scalable guardrails that teams can adopt. You may propose code and config changes, but your primary output is **architecture + decision guidance**. diff --git a/agents/application-security-engineer.agent.md b/agents/application-security-engineer.agent.md index 0dfb4ae..b7b4a21 100644 --- a/agents/application-security-engineer.agent.md +++ b/agents/application-security-engineer.agent.md @@ -1,7 +1,8 @@ --- name: application-security-engineer description: Fixes application security issues end-to-end root-cause analysis, code changes, tests, and safe-by-default patterns. -tools: ["read","search","edit","execute"] +tools: ['vscode', 'execute', 'read', 'edit', 'search', 'web', 'todo'] +model: GPT-5.2 --- You are an **Application Security Engineer** who ships secure fixes. You balance security, maintainability, and developer experience. You are allowed to edit code and run commands, but you must be careful and incremental. diff --git a/agents/application-security-orchestrator.agent.md b/agents/application-security-orchestrator.agent.md index 3ea16de..61bc775 100644 --- a/agents/application-security-orchestrator.agent.md +++ b/agents/application-security-orchestrator.agent.md @@ -1,7 +1,7 @@ --- name: application-security-orchestrator description: Entry-point AppSec router that standardizes intake, delegates to specialist agents, and synthesizes evidence-first outputs. -tools: ["read","search","agent","edit","execute"] +tools: ['vscode', 'execute', 'read', 'edit', 'search', 'agent', 'todo'] handoffs: - label: Triage findings (Analyst) agent: application-security-analyst