20 of the best prompts for preventing security vulnerabilities in code, step by step across 4 stages. Works with ChatGPT, Claude, and Gemini.
20 of the best prompts for preventing security vulnerabilities in code, step by step across 4 stages. Works with ChatGPT, Claude, and Gemini.
The generated code is introducing SQL injection, XSS, or path traversal vulnerabilities, which can compromise application security. If left unaddressed, these vulnerabilities can lead to data breaches or unauthorized access. By following this guide, developers can ensure that the generated code adheres to security best practices and mitigates risks. Built across 4 distinct stages covering Diagnose the Wall, Isolate and Fix, Verify the Resolution and more, this guide gives you one expert prompt per step so you never have to write from scratch or guess what the AI needs. The prompts work in ChatGPT, Claude, and Gemini and are designed to get usable output on the first try.
Before attempting any fix, examine the specific vulnerabilities introduced in the generated code. Look for instances of SQL queries, user input handling, or file path manipulations.
Quote the Vulnerable Code Segment
Please quote the exact SQL query generated in the last output that is vulnerable to SQL injection. Additionally, identify the specific input handling that led to this vulnerability and explain how it contributes to the risk. Format your response by clearly separating the quoted SQL query and the analysis of the input handling.
Paste the Vulnerable Function
Please analyze the following function that handles user input in my project, specifically the one that processes SQL queries or file paths: [FUNCTION CODE]. Identify potential security vulnerabilities within this function, explain how they could be exploited, and suggest specific improvements to mitigate these risks. Format your response in a structured manner, detailing each vulnerability and the corresponding recommendation.
Interpret Your Last Instruction
Please explain your understanding of my request to generate secure code. Identify the specific security measures you were expected to implement based on my previous instructions. Provide a detailed analysis of how these measures contribute to overall code security and any potential vulnerabilities that may arise if they are not addressed.
Expected vs. Actual Security Behavior
Identify the expected security behavior for user input handling in SQL queries in comparison to the actual output generated in the last execution. Please provide a detailed analysis that highlights any discrepancies between the expected and actual behaviors. Include specific examples of potential vulnerabilities that were identified and suggest improvements to align the actual behavior with security best practices.
Identify Violated Security Constraints
Analyze the last generated code and identify any violated security constraints. For each violation, quote the exact rule or guideline that was not adhered to, and provide a brief explanation of the implications of each violation. Format your response as a list, clearly labeling each violation with its corresponding guideline.
Target the specific areas in the code that introduce vulnerabilities, such as SQL queries or user input handling.
Fix SQL Injection Vulnerability
Identify the SQL injection vulnerability in the function located at [FILE]:[LINE]. Provide a detailed explanation of why the current SQL query is susceptible to injection attacks. Then, rewrite the query to use parameterized queries for improved security. Finally, show me the diff of the changes made before applying them to the codebase.
Rewrite Input Validation Logic
Rewrite the input validation logic in the code located at [FILE] on line [LINE]. Ensure that the new logic properly sanitizes user input to prevent security vulnerabilities. Provide the revised code segment along with a detailed explanation of the changes made and the rationale behind them.
Scope Change for Path Traversal
In the path handling function located at [FILE]:[LINE], please restrict the input to a predefined set of allowed paths. Provide the updated code that implements this restriction and confirm that it effectively prevents path traversal vulnerabilities. Additionally, include a brief explanation of how the changes improve security.
Enforce Output Encoding
Please review the output rendering section in the file located at [FILE] on line [LINE]. Ensure that all user-generated content is properly encoded to prevent XSS vulnerabilities. Provide the updated code snippet along with a brief explanation of the changes made and how they enhance security.
Correct Dependency for Security Library
Examine the dependencies listed in the package.json file for the project. Identify any security libraries that are missing and provide a list of these libraries. For each missing library, include instructions on how to add it to the package.json and confirm its installation. Finally, summarize the steps taken to ensure that all necessary security libraries are now included and properly installed.
Confirm that the vulnerabilities have been addressed and that the code behaves as expected.
Run Security Tests
Please run security tests on the modified code provided below: [CODE SNIPPET]. Confirm whether any SQL injection vulnerabilities have been resolved and provide a detailed report of the test results, including any remaining vulnerabilities, their severity, and recommended actions for further mitigation.
Show Diff of Changes Made
Please provide a detailed diff of the changes made to the vulnerable function in [FILE]. Ensure that you highlight all modifications and confirm that each identified vulnerability has been adequately addressed. Additionally, summarize any potential impacts these changes may have on the overall functionality of the code.
Replay Vulnerable Scenario
Please replay the original scenario that exposed the vulnerabilities in the code: [CODE SNIPPET]. Confirm whether the same security issues are still present by providing a detailed analysis of the results. Include any new findings or changes in behavior, and summarize the effectiveness of the resolution in preventing these vulnerabilities.
Check Edge Cases for Input Handling
Please analyze the modified function for user input handling and identify any potential edge cases that may not be securely managed. Provide a detailed report that includes a list of the edge cases tested, the results of each test, and any vulnerabilities found. Additionally, suggest specific improvements or changes that can be made to ensure secure handling of all identified edge cases.
Confirm Updated File State
Please verify the state of [FILE] after the recent changes have been made. Check to ensure that it no longer contains any vulnerabilities related to SQL injection, XSS, or path traversal. Provide a detailed report outlining any remaining issues, along with recommendations for further improvements if necessary.
Create artefacts that help prevent similar vulnerabilities from occurring in the future.
Security Check Before Deployment
Before any deployment step, please verify that all SQL queries in this project use parameterized statements and that all user inputs are properly sanitized. If any of these checks fail, stop the deployment process and alert the developer immediately. Ensure that no deployment occurs without passing these essential security checks to prevent potential vulnerabilities.
Input Validation Convention
Generate a project convention message that emphasizes the importance of input validation and sanitization for security compliance. The message should state: "All user inputs must be validated and sanitized before processing." Additionally, include a specific format for the validation, such as "[VALIDATION FUNCTION]", and provide a brief explanation of why this practice is crucial for preventing security vulnerabilities. Ensure the message is clear and actionable for the development team.
XSS Prevention Code Comment
Please add a code comment in [FILE] that clearly states the importance of preventing XSS attacks. The comment should read: "Ensure all user-generated content is encoded before rendering to prevent XSS attacks. Use [ENCODING FUNCTION] for compliance." This comment should be placed above the relevant code section to serve as a reminder for developers working on this file.
Security Dependency Reminder
Generate a reminder message for the project that emphasizes the importance of including security libraries in the package.json file. The message should state: "Always check for and include security libraries in package.json. Use [SECURITY LIBRARY] for SQL protection and [XSS LIBRARY] for output encoding." Ensure the message is clear and concise, and suggest a review process for regularly updating these libraries to maintain security standards.
Self-Check for Security Compliance
Create a self-check request for security compliance that verifies the following before generating code: all SQL queries must be parameterized, user inputs must be sanitized, and outputs must be encoded. If any of these security constraints are not met, the process should stop and an alert should be sent to the developer. Format the output as a clear checklist that can be easily referenced during the coding process.
Use parameterized queries in all SQL commands to prevent SQL injection. Replit's AI can generate code, but it may not enforce this security measure unless explicitly instructed.
Common XSS vulnerabilities arise from rendering user-generated content without proper encoding. Ensure that any output includes encoding functions to mitigate this risk.
Replit generates code based on natural language descriptions but may not inherently apply security best practices. Developers must specify security requirements in their prompts to enforce them.
Implement strict input validation to restrict file paths to a predefined set. Replit's AI can assist in generating this logic if you provide clear instructions.
Run security tests and check for vulnerabilities in the code before deployment. Replit allows you to execute tests, but you must ensure that security checks are included in your workflow.
AI Prompts for Identifying Security Vulnerabilities in Code
Generated code may introduce SQL injection, XSS, or path traversal vulnerabilities, which can compromise application security.
See promptsAI Prompts for Eliminating Security Vulnerabilities in Code
Cursor-generated code can introduce SQL injection, XSS, or path traversal vulnerabilities, which compromise application security.
See promptsAI Prompts for Preventing Security Vulnerabilities in Code
Windsurf sometimes introduces SQL injection, XSS, or path traversal vulnerabilities in generated code, which can lead to severe security breaches.
See prompts