diff --git a/prompts/exploit-auth.txt b/prompts/exploit-auth.txt
index 979a562..b36d8a8 100644
--- a/prompts/exploit-auth.txt
+++ b/prompts/exploit-auth.txt
@@ -1,7 +1,3 @@
-# This Source Code Form is subject to the terms of the AGPL, v. 3.0
-# This section above is metadata and not part of the prompt.
-=== PROMPT ===
-
You are a world-class Authentication Exploitation Specialist. You are not an analyst; you are an active penetration tester. Your persona is methodical, persistent, and laser-focused on a single goal: proving the tangible impact of broken authentication. You take the theoretical flaws in identity and session management and turn them into undeniable proof of impersonation and account takeover.
diff --git a/prompts/exploit-authz.txt b/prompts/exploit-authz.txt
index 31a9a51..658f8df 100644
--- a/prompts/exploit-authz.txt
+++ b/prompts/exploit-authz.txt
@@ -1,7 +1,3 @@
-# This Source Code Form is subject to the terms of the AGPL, v. 3.0
-# This section above is metadata and not part of the prompt.
-=== PROMPT ===
-
You are a world-class Authorization Exploitation Specialist. You are not an analyst; you are an active penetration tester. Your persona is methodical, persistent, and laser-focused on a single goal: proving the tangible impact of broken authorization. You take the theoretical flaws in access control mechanisms and turn them into undeniable proof of privilege escalation and unauthorized data access.
diff --git a/prompts/exploit-injection.txt b/prompts/exploit-injection.txt
index aa0b3a8..5f47ed8 100644
--- a/prompts/exploit-injection.txt
+++ b/prompts/exploit-injection.txt
@@ -1,7 +1,3 @@
-# This Source Code Form is subject to the terms of the AGPL, v. 3.0
-# This section above is metadata and not part of the prompt.
-=== PROMPT ===
-
You are a world-class Injection Exploitation Specialist. Your expertise covers both SQL Injection (SQLi) and OS Command Injection. You are not an analyst; you are an active penetration tester. Your persona is methodical, persistent, and laser-focused on a single goal: proving the tangible impact of vulnerabilities. You take the theoretical findings from the analysis phase and turn them into undeniable proof of compromise.
diff --git a/prompts/exploit-ssrf.txt b/prompts/exploit-ssrf.txt
index 41de156..163caa4 100644
--- a/prompts/exploit-ssrf.txt
+++ b/prompts/exploit-ssrf.txt
@@ -1,7 +1,3 @@
-# This Source Code Form is subject to the terms of the AGPL, v. 3.0
-# This section above is metadata and not part of the prompt.
-=== PROMPT ===
-
You are a world-class Server-Side Request Forgery (SSRF) Exploitation Specialist. You are not an analyst; you are an active penetration tester. Your persona is methodical, persistent, and laser-focused on a single goal: proving the tangible impact of server-side request forgery vulnerabilities. You take the theoretical findings from the analysis phase and turn them into undeniable proof of network boundary bypass and internal service access.
diff --git a/prompts/exploit-xss.txt b/prompts/exploit-xss.txt
index b90f11b..3e3eb8d 100644
--- a/prompts/exploit-xss.txt
+++ b/prompts/exploit-xss.txt
@@ -1,7 +1,3 @@
-# This Source Code Form is subject to the terms of the AGPL, v. 3.0
-# This section above is metadata and not part of the prompt.
-=== PROMPT ===
-
You are a world-class Cross-Site Scripting (XSS) Exploitation Specialist. You are not an analyst; you are an active penetration tester. Your persona is methodical, persistent, and laser-focused on a single goal: proving the tangible impact of client-side vulnerabilities. You take the theoretical findings from the analysis phase and turn them into undeniable proof of compromise by hijacking user sessions and performing unauthorized actions.
diff --git a/prompts/pipeline-testing/exploit-auth.txt b/prompts/pipeline-testing/exploit-auth.txt
index ca16a8e..7c8e4fe 100644
--- a/prompts/pipeline-testing/exploit-auth.txt
+++ b/prompts/pipeline-testing/exploit-auth.txt
@@ -1,7 +1,3 @@
-# This Source Code Form is subject to the terms of the AGPL, v. 3.0
-# This section above is metadata and not part of the prompt.
-=== PROMPT ===
-
## 🧪 Pipeline Testing: MCP Isolation Test for Authentication Exploitation Agent
**MCP Server Assignment:** Using `{{MCP_SERVER}}` for browser automation testing.
diff --git a/prompts/pipeline-testing/exploit-authz.txt b/prompts/pipeline-testing/exploit-authz.txt
index a02b798..aded0f9 100644
--- a/prompts/pipeline-testing/exploit-authz.txt
+++ b/prompts/pipeline-testing/exploit-authz.txt
@@ -1,7 +1,3 @@
-# This Source Code Form is subject to the terms of the AGPL, v. 3.0
-# This section above is metadata and not part of the prompt.
-=== PROMPT ===
-
## 🧪 Pipeline Testing: MCP Isolation Test for Authorization Exploitation Agent
**MCP Server Assignment:** Using `{{MCP_SERVER}}` for browser automation testing.
diff --git a/prompts/pipeline-testing/exploit-injection.txt b/prompts/pipeline-testing/exploit-injection.txt
index 7263728..2effbd6 100644
--- a/prompts/pipeline-testing/exploit-injection.txt
+++ b/prompts/pipeline-testing/exploit-injection.txt
@@ -1,7 +1,3 @@
-# This Source Code Form is subject to the terms of the AGPL, v. 3.0
-# This section above is metadata and not part of the prompt.
-=== PROMPT ===
-
## 🧪 Pipeline Testing: MCP Isolation Test for Injection Exploitation Agent
**MCP Server Assignment:** Using `{{MCP_SERVER}}` for browser automation testing.
diff --git a/prompts/pipeline-testing/exploit-ssrf.txt b/prompts/pipeline-testing/exploit-ssrf.txt
index a421932..4a0cc0a 100644
--- a/prompts/pipeline-testing/exploit-ssrf.txt
+++ b/prompts/pipeline-testing/exploit-ssrf.txt
@@ -1,7 +1,3 @@
-# This Source Code Form is subject to the terms of the AGPL, v. 3.0
-# This section above is metadata and not part of the prompt.
-=== PROMPT ===
-
## 🧪 Pipeline Testing: MCP Isolation Test for SSRF Exploitation Agent
**MCP Server Assignment:** Using `{{MCP_SERVER}}` for browser automation testing.
diff --git a/prompts/pipeline-testing/exploit-xss.txt b/prompts/pipeline-testing/exploit-xss.txt
index 0b50bc0..0ee9cbe 100644
--- a/prompts/pipeline-testing/exploit-xss.txt
+++ b/prompts/pipeline-testing/exploit-xss.txt
@@ -1,7 +1,3 @@
-# This Source Code Form is subject to the terms of the AGPL, v. 3.0
-# This section above is metadata and not part of the prompt.
-=== PROMPT ===
-
## 🧪 Pipeline Testing: MCP Isolation Test for XSS Exploitation Agent
**MCP Server Assignment:** Using `{{MCP_SERVER}}` for browser automation testing.
diff --git a/prompts/pipeline-testing/pre-recon-code.txt b/prompts/pipeline-testing/pre-recon-code.txt
index ffcbd27..3911d8a 100644
--- a/prompts/pipeline-testing/pre-recon-code.txt
+++ b/prompts/pipeline-testing/pre-recon-code.txt
@@ -1,5 +1 @@
-# This Source Code Form is subject to the terms of the AGPL, v. 3.0
-# This section above is metadata and not part of the prompt.
-=== PROMPT ===
-
Use the save_deliverable MCP tool with `deliverable_type: "CODE_ANALYSIS"` and `content: "Pre-recon analysis complete"`. Then say "Done".
\ No newline at end of file
diff --git a/prompts/pipeline-testing/recon.txt b/prompts/pipeline-testing/recon.txt
index bee6a33..ee8fd92 100644
--- a/prompts/pipeline-testing/recon.txt
+++ b/prompts/pipeline-testing/recon.txt
@@ -1,5 +1 @@
-# This Source Code Form is subject to the terms of the AGPL, v. 3.0
-# This section above is metadata and not part of the prompt.
-=== PROMPT ===
-
Use the save_deliverable MCP tool with `deliverable_type: "RECON"` and `content: "Reconnaissance analysis complete"`. Then say "Done".
\ No newline at end of file
diff --git a/prompts/pipeline-testing/report-executive.txt b/prompts/pipeline-testing/report-executive.txt
index bd62c67..7bf2104 100644
--- a/prompts/pipeline-testing/report-executive.txt
+++ b/prompts/pipeline-testing/report-executive.txt
@@ -1,5 +1 @@
-# This Source Code Form is subject to the terms of the AGPL, v. 3.0
-# This section above is metadata and not part of the prompt.
-=== PROMPT ===
-
Read `deliverables/comprehensive_security_assessment_report.md`, prepend "# Security Assessment Report\n\n**Target:** {{WEB_URL}}\n\n" to the content, and save it back. Say "Done".
diff --git a/prompts/pipeline-testing/vuln-auth.txt b/prompts/pipeline-testing/vuln-auth.txt
index 11d3801..afc5116 100644
--- a/prompts/pipeline-testing/vuln-auth.txt
+++ b/prompts/pipeline-testing/vuln-auth.txt
@@ -1,7 +1,3 @@
-# This Source Code Form is subject to the terms of the AGPL, v. 3.0
-# This section above is metadata and not part of the prompt.
-=== PROMPT ===
-
## 🧪 Pipeline Testing: MCP Isolation Test for Auth Agent
**MCP Server Assignment:** Using `{{MCP_SERVER}}` for browser automation testing.
diff --git a/prompts/pipeline-testing/vuln-authz.txt b/prompts/pipeline-testing/vuln-authz.txt
index 8859c46..5f42cc0 100644
--- a/prompts/pipeline-testing/vuln-authz.txt
+++ b/prompts/pipeline-testing/vuln-authz.txt
@@ -1,7 +1,3 @@
-# This Source Code Form is subject to the terms of the AGPL, v. 3.0
-# This section above is metadata and not part of the prompt.
-=== PROMPT ===
-
## 🧪 Pipeline Testing: MCP Isolation Test for Authorization Agent
**MCP Server Assignment:** Using `{{MCP_SERVER}}` for browser automation testing.
diff --git a/prompts/pipeline-testing/vuln-injection.txt b/prompts/pipeline-testing/vuln-injection.txt
index 29e3928..9b0c842 100644
--- a/prompts/pipeline-testing/vuln-injection.txt
+++ b/prompts/pipeline-testing/vuln-injection.txt
@@ -1,7 +1,3 @@
-# This Source Code Form is subject to the terms of the AGPL, v. 3.0
-# This section above is metadata and not part of the prompt.
-=== PROMPT ===
-
## 🧪 Pipeline Testing: MCP Isolation Test for Injection Agent
**MCP Server Assignment:** Using `{{MCP_SERVER}}` for browser automation testing.
diff --git a/prompts/pipeline-testing/vuln-ssrf.txt b/prompts/pipeline-testing/vuln-ssrf.txt
index b8f4129..9198edd 100644
--- a/prompts/pipeline-testing/vuln-ssrf.txt
+++ b/prompts/pipeline-testing/vuln-ssrf.txt
@@ -1,7 +1,3 @@
-# This Source Code Form is subject to the terms of the AGPL, v. 3.0
-# This section above is metadata and not part of the prompt.
-=== PROMPT ===
-
## 🧪 Pipeline Testing: MCP Isolation Test for SSRF Agent
**MCP Server Assignment:** Using `{{MCP_SERVER}}` for browser automation testing.
diff --git a/prompts/pipeline-testing/vuln-xss.txt b/prompts/pipeline-testing/vuln-xss.txt
index e81002c..23c4f0e 100644
--- a/prompts/pipeline-testing/vuln-xss.txt
+++ b/prompts/pipeline-testing/vuln-xss.txt
@@ -1,7 +1,3 @@
-# This Source Code Form is subject to the terms of the AGPL, v. 3.0
-# This section above is metadata and not part of the prompt.
-=== PROMPT ===
-
## 🧪 Pipeline Testing: MCP Isolation Test for XSS Agent
**MCP Server Assignment:** Using `{{MCP_SERVER}}` for browser automation testing.
diff --git a/prompts/pre-recon-code.txt b/prompts/pre-recon-code.txt
index 9473b5c..2d54c5d 100644
--- a/prompts/pre-recon-code.txt
+++ b/prompts/pre-recon-code.txt
@@ -1,7 +1,3 @@
-# This Source Code Form is subject to the terms of the AGPL, v. 3.0
-# This section above is metadata and not part of the prompt.
-=== PROMPT ===
-
Role: You are a Principal Engineer specializing in rapid, security-focused code review. You are an expert at analyzing unfamiliar codebases and extracting the essential information a penetration testing team needs to begin their assessment.
Objective: Your task is to analyze the provided source code to generate a security-relevant architectural summary AND a list of the most critical files for manual review. The output should focus exclusively on information that helps identify potential attack surfaces and security weaknesses.
diff --git a/prompts/recon.txt b/prompts/recon.txt
index a0efbef..b17e7da 100644
--- a/prompts/recon.txt
+++ b/prompts/recon.txt
@@ -1,7 +1,3 @@
-# This Source Code Form is subject to the terms of the AGPL, v. 3.0
-# This section above is metadata and not part of the prompt.
-=== PROMPT ===
-
You are a world-class Reconnaissance Analyst and Attack Surface Mapper. Your mission is to conduct a thorough white-box analysis of the target application by correlating external scan data, live application behavior, and the full source code.
diff --git a/prompts/report-executive.txt b/prompts/report-executive.txt
index de24847..565ba25 100644
--- a/prompts/report-executive.txt
+++ b/prompts/report-executive.txt
@@ -1,7 +1,3 @@
-# This Source Code Form is subject to the terms of the AGPL, v. 3.0
-# This section above is metadata and not part of the prompt.
-=== PROMPT ===
-
You are an Executive Summary Writer and Report Cleaner for security assessments. Your job is to:
1. MODIFY the existing concatenated report by adding an executive summary at the top
diff --git a/prompts/shared/_exploit-scope.txt b/prompts/shared/_exploit-scope.txt
index dfa96c8..a7db491 100644
--- a/prompts/shared/_exploit-scope.txt
+++ b/prompts/shared/_exploit-scope.txt
@@ -1,5 +1,3 @@
-# This Source Code Form is subject to the terms of the AGPL, v. 3.0
-# This section above is metadata and not part of the prompt.
**MANDATORY EXPLOITATION CONSTRAINTS:**
- ALL exploitation attempts MUST be performed against {{WEB_URL}} from external network
- DO NOT attempt to exploit vulnerabilities that require:
diff --git a/prompts/shared/_rules.txt b/prompts/shared/_rules.txt
index 08d06bc..566ea18 100644
--- a/prompts/shared/_rules.txt
+++ b/prompts/shared/_rules.txt
@@ -1,4 +1,2 @@
-# This Source Code Form is subject to the terms of the AGPL, v. 3.0
-# This section above is metadata and not part of the prompt.
Rules to Avoid:
{{RULES_AVOID}}
\ No newline at end of file
diff --git a/prompts/shared/_target.txt b/prompts/shared/_target.txt
index 396f95b..822fd09 100644
--- a/prompts/shared/_target.txt
+++ b/prompts/shared/_target.txt
@@ -1,3 +1 @@
-# This Source Code Form is subject to the terms of the AGPL, v. 3.0
-# This section above is metadata and not part of the prompt.
URL: {{WEB_URL}}
\ No newline at end of file
diff --git a/prompts/shared/_vuln-scope.txt b/prompts/shared/_vuln-scope.txt
index b4f5e5f..457ce23 100644
--- a/prompts/shared/_vuln-scope.txt
+++ b/prompts/shared/_vuln-scope.txt
@@ -1,3 +1 @@
-# This Source Code Form is subject to the terms of the AGPL, v. 3.0
-# This section above is metadata and not part of the prompt.
**EXTERNAL ATTACKER SCOPE:** Only report vulnerabilities exploitable via {{WEB_URL}} from the internet. Exclude findings requiring internal network access, VPN, or direct server access.
\ No newline at end of file
diff --git a/prompts/shared/login-instructions.txt b/prompts/shared/login-instructions.txt
index 1852fed..5f481be 100644
--- a/prompts/shared/login-instructions.txt
+++ b/prompts/shared/login-instructions.txt
@@ -1,5 +1,3 @@
-# This Source Code Form is subject to the terms of the AGPL, v. 3.0
-# This section above is metadata and not part of the prompt.
**IF you are not already logged in when you open playwright, these are the login instructions**
**NOTE: playwright automatically saves sessions so ensure you are not already logged in before executing these steps**
diff --git a/prompts/vuln-auth.txt b/prompts/vuln-auth.txt
index 9dc8db7..1cc6ac7 100644
--- a/prompts/vuln-auth.txt
+++ b/prompts/vuln-auth.txt
@@ -1,7 +1,3 @@
-# This Source Code Form is subject to the terms of the AGPL, v. 3.0
-# This section above is metadata and not part of the prompt.
-=== PROMPT ===
-
You are an Authentication Analysis Specialist, a master of white-box code auditing. Your expertise lies in dissecting an application's authentication mechanisms to find logical flaws in identity verification and session management systems.
diff --git a/prompts/vuln-authz.txt b/prompts/vuln-authz.txt
index 4c618cc..2bdfc92 100644
--- a/prompts/vuln-authz.txt
+++ b/prompts/vuln-authz.txt
@@ -1,7 +1,3 @@
-# This Source Code Form is subject to the terms of the AGPL, v. 3.0
-# This section above is metadata and not part of the prompt.
-=== PROMPT ===
-
You are an Authorization Analysis Specialist, a master of white-box code auditing. Your expertise lies in dissecting an application's authorization mechanisms to find logical flaws in access control and privilege escalation systems.
diff --git a/prompts/vuln-injection.txt b/prompts/vuln-injection.txt
index 586373d..877ca80 100644
--- a/prompts/vuln-injection.txt
+++ b/prompts/vuln-injection.txt
@@ -1,7 +1,3 @@
-# This Source Code Form is subject to the terms of the AGPL, v. 3.0
-# This section above is metadata and not part of the prompt.
-=== PROMPT ===
-
You are an Injection Analysis Specialist, an expert in **white-box code analysis and data flow tracing** for SQLi, Command Injection, LFI/RFI, SSTI, Path Traversal, and Deserialization vulnerabilities.
Your primary function is to analyze how untrusted user input travels to security-sensitive sinks: database queries, shell commands, file operations, template engines, and deserialization functions.
diff --git a/prompts/vuln-ssrf.txt b/prompts/vuln-ssrf.txt
index 7b413db..649cd68 100644
--- a/prompts/vuln-ssrf.txt
+++ b/prompts/vuln-ssrf.txt
@@ -1,7 +1,3 @@
-# This Source Code Form is subject to the terms of the AGPL, v. 3.0
-# This section above is metadata and not part of the prompt.
-=== PROMPT ===
-
You are a Server-Side Request Forgery (SSRF) Analysis Specialist, an expert in white-box code analysis and data flow tracing for server-side request vulnerabilities. Your expertise lies in identifying how applications make outbound HTTP requests and whether these requests can be influenced by untrusted user input.
diff --git a/prompts/vuln-xss.txt b/prompts/vuln-xss.txt
index 7f6ed4e..2b20502 100644
--- a/prompts/vuln-xss.txt
+++ b/prompts/vuln-xss.txt
@@ -1,7 +1,3 @@
-# This Source Code Form is subject to the terms of the AGPL, v. 3.0
-# This section above is metadata and not part of the prompt.
-=== PROMPT ===
-
You are a Cross-Site Scripting (XSS) Analysis Specialist focused **solely on vulnerability analysis** (no exploitation). You specialize in **negative, taint-first analysis** of how untrusted inputs (sources) propagate to output **sinks** and whether defenses match the **final render context**. You follow the Injection specialist and precede Exploitation.