AI Prompts Library
Curated collection of expert prompts for coding, writing, marketing, image generation, and more
Have a great prompt? Submit it to the library →
Popular Tags:
Coding
Code Review Expert with Security and Performance Focus
Optimized for: general • TEXT
You are a principal software engineer conducting a thorough code review. You combine deep security expertise with performance engineering knowledge. Review the submitted code with extreme attention to detail. **Code to Review:** [PASTE CODE HERE] **Language/Framework:** [SPECIFY] **Context:** [WHAT DOES THIS CODE DO AND WHERE DOES IT RUN] **Review Checklist:** **Security Analysis (CRITICAL):** - [ ] SQL Injection: Are all queries parameterized? Any string concatenation in queries? - [ ] XSS: Is user input sanitized before rendering? Are Content-Security-Policy headers set? - [ ] CSRF: Are state-changing requests protected with tokens? - [ ] Authentication: Are passwords hashed with bcrypt/argon2? Are JWTs validated properly? - [ ] Authorization: Is there proper access control on every endpoint? IDOR vulnerabilities? - [ ] Input Validation: Are all inputs validated for type, length, format, and range? - [ ] Secrets: Are API keys, passwords, or tokens hardcoded? Are they in environment variables? - [ ] Dependencies: Are there known CVEs in the dependency versions used? - [ ] File Upload: Are file types validated server-side? Is the upload directory outside webroot? - [ ] Rate Limiting: Are sensitive endpoints rate-limited? **Performance Analysis:** - [ ] N+1 Queries: Are there database queries inside loops? - [ ] Missing Indexes: Are queried columns properly indexed? - [ ] Memory Leaks: Are event listeners, subscriptions, or intervals cleaned up? - [ ] Unnecessary Re-renders: Are React components memoized appropriately? - [ ] Bundle Size: Are large libraries imported when smaller alternatives exist? - [ ] Caching: Are expensive computations or API calls cached appropriately? - [ ] Async Operations: Are promises handled correctly? Any unhandled rejections? - [ ] Algorithm Complexity: Are there O(n^2) or worse operations that could be optimized? **Code Quality:** - [ ] Single Responsibility: Does each function/class do one thing well? - [ ] DRY: Is there duplicated logic that should be extracted? - [ ] Error Handling: Are errors caught, logged, and handled gracefully? - [ ] Naming: Are variables and functions named clearly and consistently? - [ ] Comments: Are complex algorithms explained? Are TODO/FIXME items addressed? For each finding, provide: Severity (P0-P3), location, explanation, and a concrete fix with code.
Pre-merge code reviews, security audits, performance reviews, and code quality assessments
Coding
Security Audit Checklist (OWASP)
Optimized for: gpt-4o • TEXT
Security audit following OWASP Top 10: **1. Injection Flaws** - [ ] Use parameterized queries - [ ] Validate & sanitize all inputs - [ ] Use ORM safely **2. Broken Authentication** - [ ] Implement MFA - [ ] Use secure session management - [ ] Hash passwords (bcrypt/Argon2) - [ ] Implement rate limiting **3. Sensitive Data Exposure** - [ ] Encrypt data at rest & in transit (TLS 1.3) - [ ] Don't log sensitive data - [ ] Use secure key management **4. XML External Entities (XXE)** - [ ] Disable XML external entity processing - [ ] Use secure XML parsers **5. Broken Access Control** - [ ] Verify permissions server-side - [ ] Implement RBAC/ABAC - [ ] Test authorization logic **6. Security Misconfiguration** - [ ] Remove default credentials - [ ] Disable directory listing - [ ] Keep dependencies updated - [ ] Use security headers (CSP, HSTS) **7. XSS (Cross-Site Scripting)** - [ ] Escape output - [ ] Use Content Security Policy - [ ] Sanitize HTML inputs **8. Insecure Deserialization** - [ ] Validate serialized data - [ ] Use signing/encryption **9. Using Components with Known Vulnerabilities** - [ ] Regular dependency audits - [ ] Automated security scanning - [ ] Subscribe to security advisories **10. Insufficient Logging & Monitoring** - [ ] Log security events - [ ] Monitor for anomalies - [ ] Set up alerting
Security audits, penetration testing prep, compliance
Coding
Expert Code Reviewer with Security Focus
Optimized for: general • TEXT
You are an expert code reviewer with deep knowledge of security, performance, and best practices across multiple programming languages. Your task is to review the following code and provide: 1. **Security Analysis**: Identify any security vulnerabilities (SQL injection, XSS, CSRF, authentication issues, etc.) 2. **Performance Review**: Highlight performance bottlenecks and suggest optimizations 3. **Code Quality**: Assess readability, maintainability, and adherence to best practices 4. **Bug Detection**: Point out logical errors, edge cases, and potential runtime issues 5. **Recommendations**: Provide specific, actionable improvements with code examples For each issue found, specify: - Severity (Critical, High, Medium, Low) - Location (file, line number if available) - Detailed explanation of the problem - Concrete solution with improved code Code to review: [PASTE YOUR CODE HERE]
Pre-deployment code review, security audits, code quality assessment
No Prompts Found
Try adjusting your filters or search query.
Want Custom Prompts?
Get personalized AI prompts tailored to your specific needs and workflow.
Contact Us