AI Prompts for Preventing Security Vulnerabilities in Code

20 of the best prompts for preventing security vulnerabilities in code, step by step across 4 stages. Works with ChatGPT, Claude, and Gemini.

AI Prompts for Preventing Security Vulnerabilities in Code

20 of the best prompts for preventing security vulnerabilities in code, step by step across 4 stages. Works with ChatGPT, Claude, and Gemini.

Scroll to explore

GitHub Copilot sometimes generates code with SQL injection, XSS, or path traversal vulnerabilities, which can lead to severe security breaches. These vulnerabilities can compromise data integrity and expose sensitive information. Using these prompts, developers can identify and fix these issues, ensuring secure and robust code generation. Built across 4 distinct stages covering Diagnose the Wall, Isolate and Fix, Verify the Resolution and more, this guide gives you one expert prompt per step so you never have to write from scratch or guess what the AI needs. The prompts work in ChatGPT, Claude, and Gemini and are designed to get usable output on the first try.

Diagnose the Wall

Identify the specific security vulnerability introduced by GitHub Copilot.

Identify SQL Injection

Analyze the following code for potential SQL injection vulnerabilities: [PASTE CODE]. Identify any areas where user input could be exploited and describe how these vulnerabilities could be mitigated. Include specific examples of the vulnerable code segments, the potential impact of the vulnerabilities, and best practices for securing the code against SQL injection attacks. Format your response as a comprehensive report with sections for findings, impact assessment, and recommended fixes.

Diagnose the Wall

Detect XSS Vulnerabilities

Examine the following HTML/JavaScript code for potential cross-site scripting (XSS) vulnerabilities: [PASTE CODE]. Identify any lines or sections that may pose security risks and provide a detailed explanation of why each identified area is considered vulnerable. Additionally, suggest best practices for mitigating these vulnerabilities to enhance the overall security of the code. Please format your findings in a clear, structured manner, including code snippets where applicable.

Diagnose the Wall

Check for Path Traversal

Please review the following file handling code for potential path traversal vulnerabilities: [PASTE CODE]. Analyze the code to identify any unsafe practices that could allow unauthorized access to the file system. Provide a detailed explanation of the vulnerabilities you find and suggest safer coding alternatives or best practices to mitigate these risks. Additionally, include examples of how to implement these safer practices in the code.

Diagnose the Wall

Analyze Input Validation

Please analyze the following code for proper input validation: [PASTE CODE]. Identify any missing or weak validation checks that could potentially lead to security vulnerabilities. For each issue you find, provide a brief explanation of why it is a concern and suggest improvements to enhance the security of the code. Additionally, summarize best practices for input validation that should be followed in similar scenarios.

Diagnose the Wall

Review Authentication Logic

Please review the authentication logic in the following code snippet: [PASTE CODE]. Analyze the code for potential security vulnerabilities, such as weaknesses in password handling, session management, or input validation. Provide a detailed report outlining any identified flaws, along with specific recommendations for improving the security of the authentication process. Additionally, suggest best practices that should be implemented to enhance overall security.

Diagnose the Wall

Isolate and Fix

Focus on correcting the identified vulnerabilities in the code.

Fix SQL Injection

Please rewrite the following SQL query to prevent SQL injection vulnerabilities: [PASTE CODE]. Ensure that you utilize parameterized queries or prepared statements in your solution. Additionally, explain the changes you made and why they enhance security. The final output should be a clear and secure version of the query, along with a brief summary of best practices for preventing SQL injection in future queries.

Isolate and Fix

Mitigate XSS Risks

Please review the following code snippet for potential XSS vulnerabilities: [PASTE CODE]. Identify specific areas where user inputs and outputs are not properly sanitized. Suggest detailed modifications to the code that will effectively sanitize these inputs and outputs, ensuring that they are safe from XSS attacks. Explain the rationale behind each change and how it contributes to enhancing the security of the application.

Isolate and Fix

Secure Path Handling

Refactor the following file path code to eliminate any potential path traversal risks: [PASTE CODE]. Provide a detailed explanation of the changes made and suggest safe handling methods that can be implemented to ensure secure path management. Additionally, outline any best practices for validating and sanitizing user input related to file paths to prevent security vulnerabilities.

Isolate and Fix

Enhance Input Validation

Please review the following code for input validation: [PASTE CODE]. Identify any potential security vulnerabilities related to input handling and suggest specific validations that should be implemented to enhance security. Provide a detailed list of the validations, including examples of how to implement them effectively, and explain the importance of each validation in preventing security issues. Additionally, recommend any best practices for maintaining secure input validation in future code.

Isolate and Fix

Strengthen Authentication

Revise the following authentication logic to enhance its security and close any potential vulnerabilities: [PASTE CODE]. Please provide a detailed explanation of the changes needed to ensure secure authentication practices are implemented. Include specific recommendations for improving password handling, session management, and any other relevant security measures. Additionally, outline how these changes will mitigate risks and improve overall security posture.

Isolate and Fix

Verify the Resolution

Ensure that the fixes have effectively resolved the vulnerabilities.

Confirm SQL Injection Fix

Please review the following SQL code for any remaining SQL injection vulnerabilities: [PASTE CODE]. Analyze the code thoroughly and identify any potential security flaws or areas that could be exploited. Provide a detailed assessment of its security, including recommendations for any necessary changes or improvements to ensure it is secure against SQL injection attacks. Summarize your findings in a clear and concise manner.

Verify the Resolution

Validate XSS Protection

Please analyze the following code for potential XSS vulnerabilities: [PASTE CODE]. Conduct a thorough review to ensure that all known issues have been effectively resolved. Provide a detailed report on any remaining vulnerabilities, including their locations in the code, the nature of the vulnerabilities, and recommendations for further improvements. Additionally, confirm that the implemented protections are functioning as intended and suggest any best practices for maintaining XSS security in future code updates.

Verify the Resolution

Test Path Security

Please evaluate the following refactored path handling code for potential traversal vulnerabilities: [PASTE CODE]. Analyze the logic and structure to identify any weaknesses that could allow unauthorized access to files or directories. Provide a detailed assessment of the code, highlighting any vulnerabilities found and suggesting improvements to enhance security. Additionally, explain how the proposed changes mitigate the identified risks and ensure safe path handling.

Verify the Resolution

Assess Input Validation

Please review the improved input validation in the following code: [PASTE CODE]. Assess whether it effectively prevents common security vulnerabilities such as SQL injection, cross-site scripting (XSS), and buffer overflows. Provide a detailed analysis of how the input validation works, any potential weaknesses that still exist, and suggestions for further improvements if necessary. Your response should be structured in three parts: an overview of the validation logic, an evaluation of its effectiveness against specific vulnerabilities, and recommendations for enhancing security.

Verify the Resolution

Verify Authentication Security

Please analyze the revised authentication logic provided below: [PASTE CODE]. Identify any potential security vulnerabilities that may still exist and ensure that all security flaws have been effectively addressed. Provide a detailed report highlighting any issues found, along with recommendations for improving the security of the authentication process. Include specific examples from the code to illustrate your points and suggest best practices for secure authentication.

Verify the Resolution

Prevent Recurrence

Create reusable artifacts to prevent future security vulnerabilities.

Create SQL Safety Rule

Draft a CLAUDE.md rule to enforce the use of parameterized queries in order to prevent SQL injection vulnerabilities. The rule should clearly outline the importance of parameterization, provide examples of both vulnerable and secure query implementations, and specify the consequences of not adhering to this rule. Include a section for best practices related to SQL query construction and any additional recommendations for ensuring database security. Format the rule in a clear and concise manner suitable for inclusion in a security policy document.

Prevent Recurrence

Draft XSS Prevention Comment

Create a detailed code comment template for preventing Cross-Site Scripting (XSS) vulnerabilities that can be included in relevant files. The comment should explain the importance of XSS prevention, outline best practices such as input validation, output encoding, and the use of security libraries. Additionally, include a reminder to regularly review and update security measures as new vulnerabilities are discovered. Format the comment in a way that it can be easily copied and pasted into code, ensuring it is clear and informative for future developers.

Prevent Recurrence

Establish Path Handling Checklist

Create a comprehensive checklist for secure path handling that can be utilized in future projects. The checklist should cover essential practices such as validating user input, normalizing file paths, implementing access controls, and preventing directory traversal attacks. Additionally, include guidelines for logging and monitoring path access, as well as recommendations for handling symbolic links and ensuring proper permissions. Format the checklist in a clear, organized manner with bullet points for easy reference.

Prevent Recurrence

Formulate Input Validation Rule

Please help me formulate a comprehensive input validation rule to prevent security vulnerabilities in my application. The rule should cover various types of input, including user-generated content, file uploads, and API requests. Include specific validation criteria such as length restrictions, allowed characters, and format checks. Additionally, provide examples of how to implement this rule in a CLAUDE.md format, ensuring it is clear and easy to understand for developers. The final output should be structured and detailed enough for practical application.

Prevent Recurrence

Define Authentication Security Guide

Write a comprehensive guide on secure authentication practices that can be included in project documentation. The guide should cover key topics such as password management, multi-factor authentication, session management, and secure storage of credentials. Include best practices for implementing these strategies, potential vulnerabilities to be aware of, and recommendations for tools or methods to enhance authentication security. Aim for a length of at least 500 words, structured with headings and bullet points for clarity.

Prevent Recurrence

Frequently asked questions

How does GitHub Copilot introduce security vulnerabilities?+

GitHub Copilot generates code based on patterns from its training data, which may include insecure coding practices. It doesn't inherently understand security contexts, so developers must review and secure the generated code.

Can GitHub Copilot detect security vulnerabilities?+

GitHub Copilot does not automatically detect vulnerabilities. It suggests code based on context, so developers need to manually review and test for security issues.

How can I ensure Copilot-generated code is secure?+

Regularly review and test the code for vulnerabilities like SQL injection, XSS, and path traversal. Use prompts to guide Copilot in generating secure code and verify the output.

Does Copilot learn from my code to improve security?+

GitHub Copilot does not learn from individual user code. It relies on its pre-trained model, so security improvements depend on user feedback and updates to its training data.

What should I do if Copilot suggests insecure code?+

Immediately review the suggestion, identify potential vulnerabilities, and use prompts to guide Copilot in generating a secure alternative. Always validate the final code for security.