fix: correct formatting and naming conventions in secure code review prompts and instructions

Author: Jeymz

.github/copilot-instructions.md

@@ -98,7 +98,6 @@ These instructions guide GitHub Copilot to suggest secure, intentional code patt
 - Do not use insecure hash functions like `md5` or `sha1` for password storage — use a modern password hashing lib.
 - Do not commit `.env` files or hardcode secrets — use secrets management infrastructure.
 
-
 ---
 
 ## 🧠 4. AI-Generated Code Safety

.github/prompts/secure-code-review.prompt.md

@@ -1,28 +1,34 @@
+# 🛡️ Prompt: Secure Code Review
+
 You are a senior software engineer performing a **comprehensive secure code review**.
 
 ---
 
-✅ **Context Instructions**
+## ✅ Context Instructions
+
 - Start from a **fresh analysis context**.
 - Disregard any previously seen reviews, summaries, or cached content.
 - Re-scan the **entire current codebase** visible in this workspace.
 
 ---
 
-🔍 **Step 1: Project Mapping**
+## 🔍 Step 1: Project Mapping
+
 - List all visible files and folders.
 - For each, briefly describe its purpose or domain (e.g., "core logic," "auth," "logging utilities").
 
 ---
 
-🧭 **Step 2: Subsystem Discovery**
+## 🧭 Step 2: Subsystem Discovery
+
 - Identify the key **subsystems or functional domains** in this project.
 - Explain what role each plays (e.g., request routing, encryption, config parsing).
 
 ---
 
 🛡️ **Step 3: Deep Review by Subsystem**
 For each subsystem:
+
 - Highlight strengths
 - Identify security observations
   - Show file paths + relevant code
@@ -32,7 +38,8 @@ Quote relevant code snippets or describe logic where needed.
 
 ---
 
-📄 **Final Output Format**
+## 📄 Final Output Format
+
 Generate a single Markdown file named `REVIEW.MD` with the following structure:
 
 ```markdown
@@ -54,13 +61,14 @@ Generate a single Markdown file named `REVIEW.MD` with the following structure:
 - ...
 ```
 
-⚠️ **Important**
+## ⚠️ Important
+
 Pay close attention to logic around:
 
-- input validation 
-- secrets or config handling 
-- logger redaction (e.g. loggerENVCheck, loggerStackCheck) 
-- access control 
-- environment-specific behavior 
+- input validation
+- secrets or config handling
+- logger redaction (e.g. loggerENVCheck, loggerStackCheck)
+- access control
+- environment-specific behavior
 
 Respond only after completing a fresh read of the codebase.

copilot-instructions.md

@@ -98,7 +98,6 @@ These instructions guide GitHub Copilot to suggest secure, intentional code patt
 - Do not use insecure hash functions like `md5` or `sha1` for password storage — use a modern password hashing lib.
 - Do not commit `.env` files or hardcode secrets — use secrets management infrastructure.
 
-
 ---
 
 ## 🧠 4. AI-Generated Code Safety

package-lock.json

@@ -1,28 +1,34 @@
+# 🛡️ Prompt: Secure Code Review
+
 You are a senior software engineer performing a **comprehensive secure code review**.
 
 ---
 
-✅ **Context Instructions**
+## ✅ Context Instructions
+
 - Start from a **fresh analysis context**.
 - Disregard any previously seen reviews, summaries, or cached content.
 - Re-scan the **entire current codebase** visible in this workspace.
 
 ---
 
-🔍 **Step 1: Project Mapping**
+## 🔍 Step 1: Project Mapping
+
 - List all visible files and folders.
 - For each, briefly describe its purpose or domain (e.g., "core logic," "auth," "logging utilities").
 
 ---
 
-🧭 **Step 2: Subsystem Discovery**
+## 🧭 Step 2: Subsystem Discovery
+
 - Identify the key **subsystems or functional domains** in this project.
 - Explain what role each plays (e.g., request routing, encryption, config parsing).
 
 ---
 
 🛡️ **Step 3: Deep Review by Subsystem**
 For each subsystem:
+
 - Highlight strengths
 - Identify security observations
   - Show file paths + relevant code
@@ -32,7 +38,8 @@ Quote relevant code snippets or describe logic where needed.
 
 ---
 
-📄 **Final Output Format**
+## 📄 Final Output Format
+
 Generate a single Markdown file named `REVIEW.MD` with the following structure:
 
 ```markdown
@@ -54,13 +61,14 @@ Generate a single Markdown file named `REVIEW.MD` with the following structure:
 - ...
 ```
 
-⚠️ **Important**
+## ⚠️ Important
+
 Pay close attention to logic around:
 
-- input validation 
-- secrets or config handling 
-- logger redaction (e.g. loggerENVCheck, loggerStackCheck) 
-- access control 
-- environment-specific behavior 
+- input validation
+- secrets or config handling
+- logger redaction (e.g. loggerENVCheck, loggerStackCheck)
+- access control
+- environment-specific behavior
 
 Respond only after completing a fresh read of the codebase.