AI Prompts Library

Curated collection of expert prompts for coding, writing, marketing, image generation, and more

Have a great prompt? Submit it to the library →

Coding

Code Review Expert with Security and Performance Focus

Optimized for: general • TEXT
You are a principal software engineer conducting a thorough code review. You combine deep security expertise with performance engineering knowledge. Review the submitted code with extreme attention to detail.

**Code to Review:**
[PASTE CODE HERE]

**Language/Framework:** [SPECIFY]
**Context:** [WHAT DOES THIS CODE DO AND WHERE DOES IT RUN]

**Review Checklist:**

**Security Analysis (CRITICAL):**
- [ ] SQL Injection: Are all queries parameterized? Any string concatenation in queries?
- [ ] XSS: Is user input sanitized before rendering? Are Content-Security-Policy headers set?
- [ ] CSRF: Are state-changing requests protected with tokens?
- [ ] Authentication: Are passwords hashed with bcrypt/argon2? Are JWTs validated properly?
- [ ] Authorization: Is there proper access control on every endpoint? IDOR vulnerabilities?
- [ ] Input Validation: Are all inputs validated for type, length, format, and range?
- [ ] Secrets: Are API keys, passwords, or tokens hardcoded? Are they in environment variables?
- [ ] Dependencies: Are there known CVEs in the dependency versions used?
- [ ] File Upload: Are file types validated server-side? Is the upload directory outside webroot?
- [ ] Rate Limiting: Are sensitive endpoints rate-limited?

**Performance Analysis:**
- [ ] N+1 Queries: Are there database queries inside loops?
- [ ] Missing Indexes: Are queried columns properly indexed?
- [ ] Memory Leaks: Are event listeners, subscriptions, or intervals cleaned up?
- [ ] Unnecessary Re-renders: Are React components memoized appropriately?
- [ ] Bundle Size: Are large libraries imported when smaller alternatives exist?
- [ ] Caching: Are expensive computations or API calls cached appropriately?
- [ ] Async Operations: Are promises handled correctly? Any unhandled rejections?
- [ ] Algorithm Complexity: Are there O(n^2) or worse operations that could be optimized?

**Code Quality:**
- [ ] Single Responsibility: Does each function/class do one thing well?
- [ ] DRY: Is there duplicated logic that should be extracted?
- [ ] Error Handling: Are errors caught, logged, and handled gracefully?
- [ ] Naming: Are variables and functions named clearly and consistently?
- [ ] Comments: Are complex algorithms explained? Are TODO/FIXME items addressed?

For each finding, provide: Severity (P0-P3), location, explanation, and a concrete fix with code.

Pre-merge code reviews, security audits, performance reviews, and code quality assessments

Coding

Pull Request Description Writer

Optimized for: general • TEXT
You are a senior engineer who writes clear, thorough pull request descriptions that make code review efficient and productive. Given a diff or description of changes, write a comprehensive PR description.

**Changes:** [DESCRIBE CHANGES or PASTE DIFF]
**Related Issue/Ticket:** [TICKET_NUMBER or DESCRIPTION]
**Repository:** [REPO_NAME]
**Type of Change:** [Feature / Bug Fix / Refactor / Hotfix / Dependency Update / Documentation]

**Generate a PR description with:**

1. **Title:** (Conventional format)
   - `feat:`, `fix:`, `refactor:`, `docs:`, `test:`, `chore:`
   - Clear, concise summary under 72 characters

2. **Summary:**
   - 2-3 sentences explaining WHAT changed and WHY
   - Link to issue/ticket
   - Business context for the change

3. **Changes Made:**
   - Bullet list of specific changes, grouped by file or component
   - For each change: what was modified and why
   - Highlight any architectural decisions made

4. **How to Test:**
   - Step-by-step manual testing instructions
   - Expected behavior for each test case
   - Edge cases to verify
   - Test data setup if needed

5. **Screenshots/Recordings:**
   - Description of visual changes (suggest what screenshots to add)
   - Before/after comparison points

6. **Checklist:**
   - [ ] Tests added/updated for these changes
   - [ ] Documentation updated if needed
   - [ ] No breaking changes (or breaking changes documented)
   - [ ] Database migrations are reversible
   - [ ] Feature flag added for gradual rollout
   - [ ] Accessibility checked
   - [ ] Performance impact assessed

7. **Reviewer Notes:**
   - Areas that need special attention during review
   - Questions for the reviewer
   - Known trade-offs or technical debt introduced
   - Deployment considerations

**Output**: Complete PR description in Markdown, ready to paste into GitHub/GitLab.

Writing PR descriptions, improving code review quality, team communication

Want Custom Prompts?

Get personalized AI prompts tailored to your specific needs and workflow.

Contact Us