Hide files from the agent with .geminiignore
sessions & context
// what it does
Create a .geminiignore file in the project root using .gitignore syntax to keep paths out of the agent's reach. Matching files are excluded from @ directory inclusion, tool discovery, and context scanning. It is the way to stop the model from reading secrets, build artifacts, or huge vendored trees.
// shell
$ printf '*.log\napikeys.txt\n/packages/\n' > .geminiignore// gotcha
The file only hides paths from Gemini CLI tools — the files remain fully visible to Git and to anything else on your system, so it is not a security boundary for the data itself. Keep real secrets out of the repo entirely, not just out of .geminiignore.