Key insight
Garbage in, garbage out applies to context windows. The assistant’s review is only as precise as the slice of code you let it see. Spend two minutes narrowing the scope before you spend twenty minutes interpreting the answer.
The three techniques, in order of effort
1. Open the tool in its own workspace
The cheapest fix. Close the multi-root workspace, the monorepo, the parent folder. Open the folder that contains just your tool’s source. Most AI assistants automatically use the currently open project as their default context; this single change usually removes 80–90% of the irrelevant material.
If your tool lives inside a larger monorepo and you cannot move it, keep the monorepo closed and open the tool’s subfolder as a standalone window for the duration of the review.
2. Let the assistant search the whole repo, then read the hits
On anything larger than a toy project you usually do not know which file holds the risk — and if you did, you would not need the check. Listing files by hand shifts the hardest part of the review onto you and quietly limits coverage to what you already suspected. Instead, tell the assistant to search the entire repository for the failure mode, then read every match in full before judging. Every prompt in Tip 2 opens with this instruction:
Search the whole repository to find where this applies — do not
wait for me to list files. Ignore generated, vendored, and dependency
folders (build output, node_modules, vendor). Identify every location
the failure mode below could occur, read those files in full before
you judge, and list the search terms you used so I can confirm nothing
was missed.The last clause is the important one. Asking the assistant to report the search terms it used turns coverage into something you can verify — if it searched for the wrong signals, you will see it, instead of trusting a confident answer that quietly missed half the codebase. This gives you whole-repo coverage without listing files and without asking the assistant to read everything indiscriminately.
3. Strip generated and vendored code
If your tool ships a dist/, build/, vendor/, or node_modules folder, make sure it is in the assistant’s ignore list (most respect .gitignore; some have a separate ignore file). Generated code is noise for a security review, fills the context window, and frequently triggers false positives that waste your time. The search instruction above already tells the assistant to skip these folders, but excluding them at the workspace level is more reliable.
A 30-second sanity check
Before running any of the prompts in Tip 2, ask the assistant this one question first:
List every source file you currently have access to in this
workspace. Group them by folder. Do not summarise — list them.If the answer surprises you — files you did not expect, files missing that should be there — fix the scope before going further. Five minutes here saves the next hour.
Failure modes & triage
| Symptom | Likely cause | Fix |
|---|---|---|
| Assistant cites code that does not exist | Hallucination from filename only; the file was not actually read. | Re-paste the prompt with the file contents inlined, or use an inline-edit / file-attach mode that forces the read. |
| Findings are generic (“consider input validation”) with no line numbers | The assistant read too broadly and is averaging across many files instead of the ones that matter. | Ask it to first list the files its search matched, then judge only those. Insist: “cite line numbers for every claim.” |
| Assistant reviews your tests or examples instead of the tool | Folder name (example/, demo/) is being treated as primary. | Add the folders to the assistant’s ignore file, or tell it to exclude test and example directories from its search. |
| Answers reference an old version of the file | Cached context from an earlier session. | Start a fresh chat / session. Most assistants do not invalidate cached file content between turns of the same session. |
Next tip
With the scope set, you are ready for the prompts themselves. Tip 2 → is the prompt pack — thirteen targeted security checks, paste-ready.