From 34164b6dbd4d5577a3edbb8d4e388346299fd88b Mon Sep 17 00:00:00 2001 From: Jeymz Simmons Date: Fri, 24 Oct 2025 16:48:37 -0400 Subject: [PATCH] fix: update .dockerignore structure and improve CVE triage prompt clarity --- .dockerignore | 12 +++++++----- prompts/dependency-cve-triage.prompt.md | 3 ++- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/.dockerignore b/.dockerignore index cea5566..a0df568 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1,13 +1,15 @@ -.env + .git .github -.gitignore -*.pfx node_modules tests + + +.gitignore +.env Dockerfile renovate.json eslint.config.mjs -copilot-instructions.node_modules.gitlab-ci.yml +.gitlab-ci.yml .markdownlint.yml -.markdownlintignore \ No newline at end of file +.markdownlintignore diff --git a/prompts/dependency-cve-triage.prompt.md b/prompts/dependency-cve-triage.prompt.md index d8f51a4..3ac4398 100644 --- a/prompts/dependency-cve-triage.prompt.md +++ b/prompts/dependency-cve-triage.prompt.md @@ -12,7 +12,8 @@ Act as a **security vulnerability analyst** investigating a known CVE in the con Wait for a response before continuing. 2. **CVE Lookup & Explanation** - - Retrieve details about `{{CVE_NUMBER}}` + - Use fetch to retrieve details about `{{CVE_NUMBER}}` from reputable sources (e.g., NVD, CVE Details, vendor advisories) + - Identify affected versions and components - Summarize how the exploit works, including vector and preconditions 3. **Risk Assessment in Local Context**
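Review bot: In the `.dockerignore` hunk, `-*.pfx` is removed and no `+*.pfx` appears among the added lines, so the reorganised file no longer keeps PFX files out of the Docker build context. The subject line describes a structure update, not a change in what is ignored, so this looks unintended. `.env` was moved rather than dropped; I'd restore `*.pfx` next to it in the same group. If the three added blank lines are meant to separate groups, a `#` comment heading each group would make the intent clear to the next person who edits the file.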
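Review bot: In the `prompts/dependency-cve-triage.prompt.md` hunk, the new bullet "Use fetch to retrieve details about `{{CVE_NUMBER}}` from reputable sources (e.g., NVD, CVE Details, vendor advisories)" leaves the source list open-ended and says nothing about how the fetched text is to be handled. I'd name the allowed sources explicitly instead of giving examples, and add a bullet stating that retrieved page content is untrusted data to be summarised and cited, not instructions to act on. It would also help to say what to do when fetch is unavailable or the CVE is not found, so that "Identify affected versions and components" and the later risk assessment are not built on guessed details.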