target
.env
pkg
*.sqlite
reports
!docs/reports
docs/reports/dify/*.sarif.json
docs/reports/dify/*.cache_key
docs/reports/dify/threat-model.json
docs/reports/dify/report.md
docs/reports/dify/merged.sarif.json
!src/reports
repo
.claude/settings.local.json
example/**/vuln-patterns.yml
coverage
debug
benchmarks
.devenv
.devenv.flake.nix

# Cache directory - ignored by default for security
# Only intentionally vulnerable sample applications may be committed
# See Security section in README.md for details
.parsentry-cache
.parsentry/cache/

# Temporary analysis results and Claude Code logs
analysis_result.json
**/claude_code_logs/

# Mutation testing output
mutants.out/
mutants.out.old/

# Agent skill directories (npx skills add)
.agents/
.claude/
.goose/
.kiro/
.openhands/
.pi/
.windsurf/
skills/
skills-lock.json
# Prebuilt skill bundle — generated by `npx skills`, never committed
*.skill
