clone/codex
1
0
Fork 0
mirror of https://github.com/openai/codex.git synced 2026-04-25 23:24:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

Ground spec generation with READ/SEARCH/GREP_FILES tooling

Browse Source
This commit is contained in:
kh.ai
2025-11-13 15:50:38 -08:00
parent d6ea909acc
commit 62cade4e09
2 changed files with 273 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
codex-rs/tui/src/security_prompts.rs
View File

@@ -59,9 +59,9 @@ Output format: JSON Lines, each {{"keyword": "<term>"}}. Do not add commentary o
"#;
// Spec generation prompts
pub(crate) const SPEC_SYSTEM_PROMPT: &str = "You are an application security engineer documenting how a project is built. Produce an architecture specification that focuses on components, flows, and controls. Stay within the provided code locations and keep the output in markdown.";
pub(crate) const SPEC_SYSTEM_PROMPT: &str = "You are an application security engineer documenting how a project is built. Produce an architecture specification that focuses on components, flows, and controls. Stay within the provided code locations, ground claims in concrete evidence, and keep the output in markdown.";
pub(crate) const SPEC_COMBINE_SYSTEM_PROMPT: &str = "You are consolidating multiple specification drafts into a single, cohesive project specification. Merge overlapping content, keep terminology consistent, and follow the supplied template. Preserve every security-relevant detail; when in doubt, include rather than summarize away content.";
pub(crate) const SPEC_PROMPT_TEMPLATE: &str = "You have access to the source code inside the following locations:\n{project_locations}\n\nFocus on {target_label}.\nGenerate a security-focused project specification. Parallelize discovery when enumerating files and avoid spending time on tests, vendored dependencies, or build artefacts. Follow the template exactly and return only markdown.\n\nTemplate:\n{spec_template}\n";
pub(crate) const SPEC_PROMPT_TEMPLATE: &str = "You have access to the source code inside the following locations:\n{project_locations}\n\nFocus on {target_label}.\nGenerate a security-focused project specification. Parallelize discovery when enumerating files and avoid spending time on tests, vendored dependencies, or build artefacts.\n\n# Available tools\n- READ: respond with `READ: <relative path>#Lstart-Lend` (range optional) to open code files within the in-scope locations.\n- SEARCH: respond with `SEARCH: literal:<term>` or `SEARCH: regex:<pattern>` to run ripgrep over the repository root and inspect matches.\n- GREP_FILES: respond with `GREP_FILES: {\"pattern\":\"needle\",\"include\":\"*.rs\",\"path\":\"subdir\",\"limit\":200}` to list files whose contents match.\nEmit at most one tool command per message and wait for the tool output before continuing. Use these tools to ground API entry points, components, and data flows in actual code instead of speculation.\n\nWhen you have gathered enough evidence, follow the template exactly and return only markdown (no tool commands).\n\nTemplate:\n{spec_template}\n";
pub(crate) const CONVERT_CLASSIFICATION_TO_JSON_PROMPT_TEMPLATE: &str = r#"
Read the project specification below and extract a normalized Data Classification list.