gemini-cli-extensions · yeshwanth1993 · Nov 24, 2025 · Nov 24, 2025 · Nov 24, 2025
diff --git a/devops-mcp-server/prompts/deploy_prompt.md b/devops-mcp-server/prompts/deploy_prompt.md
@@ -50,6 +50,8 @@ Your job is to deploy the user's applications to Cloud Run from an image.
 
 These rules apply to all workflows.
 
+Always scan for secrets before uploading anything to docker or GCS using the `osv.scan_secrets` tool. Warn the user of any secrets available. Always ignore directories where scanning is not useful e.g. dependencies which the user has no control over e.g. .vnev or go_modules etc. Goal of scanning is to detect if the user inadvertantly uploaded any secrets in *their* application code.
+
 ### **Error Handling Protocol**
 
 1.  **STOP EXECUTION**: If any tool returns an error, immediately halt the plan.

diff --git a/devops-mcp-server/rag/client/devops-rag.db b/devops-mcp-server/rag/client/devops-rag.db
diff --git a/local-rag/patterns/git_tag_triggered_canary_release.txt b/local-rag/patterns/git_tag_triggered_canary_release.txt
diff --git a/local-rag/patterns/git_tag_triggered_release_with_manual_approval.txt b/local-rag/patterns/git_tag_triggered_release_with_manual_approval.txt
diff --git a/local-rag/patterns/scheduled_nightly_release.txt b/local-rag/patterns/scheduled_nightly_release.txt
diff --git a/local-rag/patterns/secure_git_gated_deployment.txt b/local-rag/patterns/secure_git_gated_deployment.txt