20 of the best prompts for eliminating security vulnerabilities in code, step by step across 4 stages. Works with ChatGPT, Claude, and Gemini.
20 of the best prompts for eliminating security vulnerabilities in code, step by step across 4 stages. Works with ChatGPT, Claude, and Gemini.
Cursor-generated code can introduce SQL injection, XSS, or path traversal vulnerabilities, which compromise application security. These vulnerabilities can lead to unauthorized data access or system breaches. These prompts help developers identify, fix, and prevent such vulnerabilities, ensuring robust security in their codebase. Built across 4 distinct stages covering Diagnose the Wall, Isolate and Fix, Verify the Resolution and more, this guide gives you one expert prompt per step so you never have to write from scratch or guess what the AI needs. The prompts work in ChatGPT, Claude, and Gemini and are designed to get usable output on the first try.
Identify the specific vulnerability type and location in the code.
Identify Vulnerability Type
Analyze the following code snippet for security vulnerabilities: [PASTE CODE]. Identify any potential issues related to SQL injection, cross-site scripting (XSS), or path traversal. For each vulnerability you find, provide a detailed explanation of how it can be exploited, the potential impact on the application, and recommendations for mitigating these risks. Structure your response clearly, outlining each vulnerability type separately with examples where applicable.
Locate Vulnerability Source
Analyze the following code for security vulnerabilities: [PASTE CODE]. Identify the specific line or function where the vulnerability is introduced and explain why it poses a security risk. Additionally, suggest potential fixes or improvements to mitigate this vulnerability. Format your response clearly, including the line number, a concise explanation of the vulnerability, and recommended solutions.
Check for SQL Injection
Review the following database interaction code for potential SQL injection vulnerabilities: [PASTE CODE]. Analyze the code line by line and identify any areas where user input could be improperly handled, leading to SQL injection risks. Provide a detailed explanation of each identified vulnerability, including how it could be exploited and recommendations for securing the code against such attacks. Format your response as a report with clear headings for each vulnerability and suggested mitigation strategies.
Detect XSS Risks
Please examine the following HTML/JS code for potential XSS vulnerabilities: [PASTE CODE]. Identify and highlight any specific sections that may be susceptible to cross-site scripting attacks. Additionally, provide a brief explanation of why each identified part is vulnerable and suggest best practices for mitigating these risks. Format your response in a clear, structured manner, detailing each vulnerability and the corresponding mitigation strategy.
Assess Path Traversal
Please analyze the following file handling code for potential path traversal vulnerabilities: [PASTE CODE]. Look for any unsafe operations or coding practices that could allow an attacker to manipulate file paths and access unauthorized files. Provide a detailed report outlining the specific lines of code that are problematic, explain why they are unsafe, and suggest best practices or code modifications to mitigate these vulnerabilities.
Focus on correcting the identified vulnerabilities without introducing new issues.
Fix SQL Injection
Please rewrite the following SQL query to prevent SQL injection vulnerabilities: [PASTE QUERY]. Ensure that you use parameterized queries or Object-Relational Mapping (ORM) methods in your solution. Provide a clear explanation of the changes made and how they enhance security. Additionally, include best practices for preventing SQL injection in future queries.
Sanitize User Input
Please modify the following input handling code to sanitize user inputs and prevent cross-site scripting (XSS) vulnerabilities: [PASTE CODE]. Detail the specific changes you made to the code, explaining how each change contributes to improved security. Additionally, provide a brief overview of common XSS attack vectors and how the modifications address these risks. Ensure the explanation is clear and concise, suitable for someone with a basic understanding of web security.
Secure File Paths
Refactor the following file access code to prevent path traversal vulnerabilities: [PASTE CODE]. Ensure that all file paths are properly validated and sanitized before any file operations are performed. Explain the changes made to enhance security, including any specific validation techniques used and how they mitigate the risk of path traversal attacks. Provide comments in the code to clarify the purpose of each modification and suggest best practices for secure file handling.
Implement Output Encoding
Please update the following HTML output code to include proper encoding techniques that mitigate XSS vulnerabilities: [PASTE CODE]. Ensure that you apply appropriate encoding methods for any dynamic content and explain the specific encoding techniques used in your solution. Additionally, provide a brief overview of how these techniques help prevent XSS attacks and any best practices to follow when implementing output encoding in web applications.
Use Security Libraries
Please analyze the following code snippet for potential security vulnerabilities: [PASTE CODE]. Based on your analysis, suggest a specific security library or function that can be integrated into the code to enhance its protection against known vulnerabilities. Explain how this library or function addresses the identified vulnerabilities and provide a brief example of how to implement it within the existing code structure.
Ensure the vulnerabilities are resolved and the code is secure.
Run Security Tests
Please execute a series of security tests on the following modified code: [PASTE CODE]. Focus on identifying any remaining vulnerabilities and ensure that all previously reported issues have been resolved. Provide a detailed report of your findings, including any new vulnerabilities discovered, their severity levels, and recommendations for remediation. Additionally, summarize the overall security posture of the code after testing.
Confirm SQL Safety
Please review the following SQL code for any potential injection vulnerabilities: [PASTE QUERY]. Analyze the structure and syntax of the query, and identify any areas that could be exploited by an attacker. Provide a detailed assessment of its security, including any recommendations for improvements or best practices to ensure it is safe for use in a production environment. Summarize your findings in a clear and concise manner.
Validate Input Handling
Please validate the updated input handling code to ensure it effectively prevents XSS (Cross-Site Scripting) vulnerabilities. I will provide the code snippet: [PASTE CODE]. Conduct a series of tests to check for potential XSS vulnerabilities, detailing the results of each test. Include information on any vulnerabilities found, the nature of the issues, and recommendations for further improvements if necessary. Format the results in a clear and structured report.
Check Path Security
Please review the following revised file handling code for any potential path traversal vulnerabilities: [PASTE CODE]. Analyze the code thoroughly to ensure that all path traversal issues have been addressed and that it adheres to security best practices. Provide a detailed assessment of any remaining risks or concerns, and confirm whether the code is safe for deployment. Include recommendations for any further improvements if necessary.
Verify Output Encoding
Analyze the updated HTML output provided below for proper encoding to prevent cross-site scripting (XSS) vulnerabilities. The code to review is: [PASTE CODE]. Please check for any instances where user input is not properly encoded and confirm whether the issue has been resolved. Additionally, provide a brief explanation of any changes made to ensure the output is secure and meets best practices for encoding.
Create artifacts to ensure future code generation avoids similar vulnerabilities.
Create SQL Safety Rule
Draft a new SQL safety rule for our coding guidelines document, CLAUDE.md, to enforce the use of parameterized queries in order to prevent SQL injection vulnerabilities. The rule should clearly outline the importance of using parameterized queries, provide examples of both unsafe and safe query practices, and include any relevant coding standards or best practices that developers should follow. Ensure the language is clear and concise, suitable for inclusion in a formal document, and provide the exact text that can be directly added to CLAUDE.md.
Add Input Sanitization Rule
Create a CLAUDE.md rule that ensures all user inputs are properly sanitized to prevent cross-site scripting (XSS) vulnerabilities. The rule should include specific guidelines for validating and encoding user inputs, detailing which characters or patterns to filter out. Additionally, provide examples of both safe and unsafe inputs to illustrate the importance of this sanitization process. Format the rule clearly so it can be easily implemented in a security policy document.
Develop Path Validation Rule
Please propose a CLAUDE.md rule that enforces path validation for file operations. The rule should specify the criteria for valid paths, including allowed characters, length restrictions, and any necessary patterns. Additionally, include examples of valid and invalid paths, and explain how this rule can help prevent security vulnerabilities related to file access. Format your response as a clear guideline that can be easily integrated into existing security protocols.
Establish Output Encoding Rule
Please create a detailed output encoding rule for CLAUDE.md that mandates the encoding of all HTML content. The rule should specify the types of content that require encoding, the encoding methods to be used, and any exceptions that may apply. Additionally, include examples of properly encoded HTML content and explain the importance of this rule in preventing security vulnerabilities. Format the rule clearly for easy reference and implementation.
Implement Security Checklist
Create a comprehensive session-opener checklist that ensures all necessary security checks are performed before generating code. The checklist should include items such as verifying the use of secure coding practices, conducting a threat model review, ensuring dependencies are up to date, confirming that input validation is in place, and checking for proper authentication and authorization mechanisms. Additionally, include steps for reviewing code for common vulnerabilities like SQL injection and cross-site scripting. Format the checklist in a clear, bulleted list for easy reference during the session.
Cursor generates code based on patterns it has learned, which may inadvertently include insecure practices like unsanitized inputs. It's crucial to review generated code for such vulnerabilities.
Cursor's context window is limited, so it may forget earlier interactions in long sessions. Regularly saving and reloading context can help maintain continuity.
Use a .cursorrules file to set project-specific guidelines. Ensure these rules are loaded at the start of each session to guide Cursor's code generation.
Regularly update your .cursorrules file with new security rules and review generated code for compliance. Consider providing feedback to improve Cursor's learning.
Cursor can suggest fixes based on identified vulnerabilities, but manual review and testing are essential to ensure the fixes are effective and do not introduce new issues.
AI Prompts for Identifying Security Vulnerabilities in Code
Generated code may introduce SQL injection, XSS, or path traversal vulnerabilities, which can compromise application security.
See promptsAI Prompts for Preventing Security Vulnerabilities in Code
The generated code is introducing SQL injection, XSS, or path traversal vulnerabilities, which can compromise application security.
See promptsAI Prompts for Preventing Security Vulnerabilities in Code
Windsurf sometimes introduces SQL injection, XSS, or path traversal vulnerabilities in generated code, which can lead to severe security breaches.
See prompts