developer security template risk: medium
Codebase Security Fix and Test Writer
Identifies security issues in the codebase flagged by code scanning, such as vulnerable user input in requests, fixes them without breaking existing functionality, and writes prope…
- Policy sensitive
- Human review
PROMPT
---
name: security-fixes
description: in order to fix security issues in my codebase which is flagged by code scanning for refrences like user input comping as part o request could be vulnerable and how can we fix it
---
# security fixes
it should identify the issue and fix it with respect to current project checking it should not break the existing functionality and a proper test case should be written for the change
## Instructions
check the issue fix it test case
- Step 2: ...
REQUIRED CONTEXT
- code snippet
- security issue description
OPTIONAL CONTEXT
- project context
ROLES & RULES
- Check the issue
- Fix it
- Write test case
- Do not break existing functionality
- Write proper test case
EXPECTED OUTPUT
- Format
  - structured_report
- Constraints
  - do not break existing functionality
  - include fixed code
  - include test case
SUCCESS CRITERIA
- Identify security issues
- Fix issues without breaking functionality
- Write proper test cases
FAILURE MODES
- Might break existing functionality
- May not write adequate test cases
- May ignore project context
CAVEATS
- Dependencies
  - Codebase
  - Code scanning results
- Missing context
  - Code snippet or codebase to analyze and fix.
  - Programming language or framework.
  - Input format (e.g., how to provide the flagged code).
  - Output format for fixed code and test cases.
  - Criteria for verifying 'does not break existing functionality'.
- Ambiguities
  - Typos in description make it hard to parse: 'refrences' (references), 'comping' (coming), 'o' (of).
  - Instructions are fragmented and incomplete: 'check the issue fix it test case - Step 2: ...' lacks structure.
  - Unclear how the codebase or specific issue is provided as input.
QUALITY
- OVERALL: 0.30
- CLARITY: 0.30
- SPECIFICITY: 0.20
- REUSABILITY: 0.40
- COMPLETENESS: 0.20
IMPROVEMENT SUGGESTIONS
- Fix all typos in the description for readability.
- Structure instructions as a clear numbered list: 1. Identify issue, 2. Propose fix, etc.
- Add a template placeholder like 'CODE_SNIPPET: [paste code here]' for reusability.
- Specify expected output: e.g., 'Output fixed code, explanation, and test case in markdown sections.'
- Include examples of common vulnerabilities and fixes.
USAGE
Copy the prompt above and paste it into your AI of choice — Claude, ChatGPT, Gemini, or anywhere else you're working. Replace any placeholder sections with your own context, then ask for the output.