diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 6b761c3..341fd4a 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -53,7 +53,7 @@ jobs:
       - uses: ./.github/actions/setup-python-dev
       - name: Security check
         run: |
-          uv run bandit -r example/ -f json -o bandit-report.json || true
+          uv run bandit -r python_template_server/ -f json -o bandit-report.json || true
       - uses: actions/upload-artifact@v4
         with:
           name: bandit-report
diff --git a/docs/SMG.md b/docs/SMG.md
index 7ad2e65..22f6eb4 100644
--- a/docs/SMG.md
+++ b/docs/SMG.md
@@ -150,5 +150,5 @@ curl -k -H "X-API-Key: your-token-here" https://localhost:443/api/login
 - **Format code:** `uv run ruff format .`
 - **Type check:** `uv run mypy .`
 - **Run tests:** `uv run pytest`
-- **Security scan:** `uv run bandit -r example/`
+- **Security scan:** `uv run bandit -r python_template_server/`
 - **Audit dependencies:** `uv run pip-audit`
diff --git a/docs/WORKFLOWS.md b/docs/WORKFLOWS.md
index c7da5b6..0cd61e3 100644
--- a/docs/WORKFLOWS.md
+++ b/docs/WORKFLOWS.md
@@ -33,7 +33,7 @@ It consists of the following jobs:
 ### bandit
 - Checkout code
 - Setup Python environment with dev dependencies (via custom action)
-- Run security scanning with bandit on `example/` directory
+- Run security scanning with bandit on `python_template_server/` directory
 - Generate JSON report for artifacts
 - Fail if security vulnerabilities are found
 
@@ -55,7 +55,6 @@ It consists of the following jobs:
 ### build_wheel
   - Checkout code
   - Setup Python environment with dev dependencies (via custom action)
-  - Download frontend build artifact to `static/` directory
   - Build wheel with `uv build`
   - Inspect wheel contents for verification
   - Upload wheel artifact (`python_template_server_wheel`)