AI Prompts for Preventing Security Vulnerabilities in Code

20 of the best prompts for preventing security vulnerabilities in code, step by step across 4 stages. Works with ChatGPT, Claude, and Gemini.

AI Prompts for Preventing Security Vulnerabilities in Code

20 of the best prompts for preventing security vulnerabilities in code, step by step across 4 stages. Works with ChatGPT, Claude, and Gemini.

Scroll to explore

Windsurf sometimes introduces SQL injection, XSS, or path traversal vulnerabilities in generated code, which can lead to severe security breaches. These vulnerabilities can compromise user data and system integrity. These prompts help developers identify, fix, and prevent such issues using Windsurf effectively. Built across 4 distinct stages covering Diagnose the Wall, Isolate and Fix, Verify the Resolution and more, this guide gives you one expert prompt per step so you never have to write from scratch or guess what the AI needs. The prompts work in ChatGPT, Claude, and Gemini and are designed to get usable output on the first try.

Diagnose the Wall

Identify the specific security vulnerability introduced by Windsurf.

Identify Vulnerability Type

Analyze the following code snippet for security vulnerabilities: [PASTE CODE]. Identify any potential issues related to SQL injection, XSS (Cross-Site Scripting), or path traversal vulnerabilities. For each identified vulnerability, explain how it can be exploited, detail the potential impact on the application, and suggest best practices for mitigating these vulnerabilities in the code.

Diagnose the Wall

Check Rule Compliance

Review the content of the CLAUDE.md file provided below: [PASTE CONTENT]. Summarize your understanding of each rule outlined in the document, and identify which specific rule should have been applied to the last task. Explain why this rule is relevant in this context, and present your response in a structured format that details each rule along with its significance.

Diagnose the Wall

Review Recent Changes

Please review the recent changes made to the codebase of [PROJECT NAME]. Identify any modifications that may have introduced security vulnerabilities, focusing on areas such as authentication, data handling, and third-party dependencies. Provide a detailed summary of your findings, including specific lines of code or files that are problematic, the potential impact of these vulnerabilities, and recommendations for remediation. Format the summary in bullet points for clarity and ease of understanding.

Diagnose the Wall

Analyze Code Context

Analyze the surrounding code context of the following snippet: [PASTE CODE]. Identify any potential security vulnerabilities that may arise from improper input handling or validation. Provide a detailed assessment that includes specific examples of the vulnerabilities found, their potential impact, and recommendations for how to mitigate these issues. Structure your response in a clear format, highlighting each vulnerability separately and explaining the reasoning behind your findings.

Diagnose the Wall

Evaluate Input Handling

Evaluate how user inputs are handled in the following function: [PASTE FUNCTION]. Analyze the input validation and sanitization processes to identify potential security vulnerabilities, including SQL injection, cross-site scripting, and buffer overflows. Provide specific examples of how these vulnerabilities could be exploited, and suggest safer alternatives or best practices for input handling to mitigate these risks. Format your response in a structured manner, including a summary of findings, recommended changes, and a prioritized list of actions to enhance security.

Diagnose the Wall

Isolate and Fix

Focus on isolating the specific vulnerability and applying a fix.

Apply Secure Coding Practices

Refactor the following code to eliminate SQL injection risks: [PASTE CODE]. Ensure that you use parameterized queries throughout the code. After making the changes, provide a detailed explanation of each modification, highlighting how it enhances security against SQL injection vulnerabilities. Additionally, list best practices for secure coding that can be applied in similar scenarios to prevent such vulnerabilities in the future.

Isolate and Fix

Sanitize User Inputs

Sanitize all user inputs in the following code snippet to prevent XSS attacks: [PASTE CODE]. Implement appropriate sanitization techniques for each input field, including escaping special characters and validating input formats. After updating the code, provide a detailed explanation of the sanitization process, outlining the methods used and how they mitigate XSS vulnerabilities. Additionally, format the response to clearly show the original code alongside the sanitized version for easy comparison, highlighting the changes made.

Isolate and Fix

Implement Path Validation

Implement path validation to prevent path traversal vulnerabilities in the following code: [PASTE CODE]. Modify the file handling logic to ensure that all paths are validated before any file operations are performed. Explain your approach in detail, including the specific checks you will implement to ensure that only safe paths are allowed. Provide examples of how this will protect against potential vulnerabilities, and outline any testing strategies to verify that the path validation is functioning correctly.

Isolate and Fix

Strengthen Input Validation

Enhance the input validation in the following function: [PASTE FUNCTION]. Specify the validation rules you will implement to mitigate potential security risks, including specific patterns, data types, or length constraints. Explain how these rules will improve the overall security of the function and prevent common vulnerabilities such as injection attacks or buffer overflows. Finally, provide a brief summary of the changes made and their expected impact on security.

Isolate and Fix

Review and Correct Logic

Review the logic in the following code block for potential security flaws: [PASTE CODE]. Identify any vulnerabilities or weaknesses present and correct them accordingly. For each change made, provide a detailed rationale explaining how the correction improves the security of the code. Furthermore, suggest at least three best practices that could be implemented to enhance the security of this code in the long term.

Isolate and Fix

Verify the Resolution

Ensure the applied fixes have resolved the security vulnerabilities.

Run Security Tests

Execute a comprehensive series of security tests on the updated code to verify that all SQL injection vulnerabilities have been effectively resolved. Provide a detailed report of the test results, including any vulnerabilities discovered, the testing methods employed, and recommendations for further improvements. Additionally, summarize the overall security posture of the application based on these tests and assess whether it meets the required security standards.

Verify the Resolution

Check Input Sanitization

Analyze the following code for proper input sanitization: [PASTE CODE]. Confirm whether all user inputs are adequately sanitized to prevent security vulnerabilities. Provide a detailed report of your findings, including any potential issues identified, suggestions for improvement, and the output of your verification process.

Verify the Resolution

Validate Path Security

Analyze the following code for any remaining path traversal vulnerabilities: [PASTE CODE]. Identify instances of such vulnerabilities, explain how they were mitigated, and summarize your validation process. Include details about the tests conducted, the results of those tests, and provide recommendations for further security improvements.

Verify the Resolution

Confirm Logic Integrity

Verify that the recent logic changes in the windsurf-generating system have not introduced any new security vulnerabilities. Provide a detailed summary of your verification findings, including the methods used for testing, any issues identified, and the steps taken to address them. Additionally, outline any recommendations for further improvements or monitoring that may be necessary to ensure ongoing security.

Verify the Resolution

Review Security Logs

Analyze the security logs from the recent implementation of fixes for vulnerabilities related to windsurf-generating security vulnerabilities. Confirm whether any new vulnerabilities have been introduced and highlight any suspicious activities or anomalies present in the logs. Summarize your findings in a structured report format, including key metrics such as the number of entries reviewed, any identified issues, and recommendations for further actions if necessary.

Verify the Resolution

Prevent Recurrence

Create mechanisms to prevent future introduction of similar vulnerabilities.

Draft New CLAUDE.md Rule

Draft a new rule for CLAUDE.md that addresses the recent security vulnerability identified in [SPECIFIC SYSTEM OR APPLICATION]. Include a detailed description of the vulnerability, outline the potential risks it poses, and specify the measures that should be implemented to prevent recurrence. Ensure the rule is formatted for clarity and ease of application, and provide examples of both proper and improper practices related to the vulnerability. Finally, deliver the exact text ready for inclusion in the CLAUDE.md document.

Prevent Recurrence

Create Security Checklist

Create a comprehensive security checklist for reviewing code changes to prevent vulnerabilities. Include specific steps for addressing common issues like SQL injection, cross-site scripting (XSS), and path traversal. For each vulnerability, outline key practices such as input validation, output encoding, and proper authentication measures. Additionally, recommend tools or techniques that can assist in identifying these vulnerabilities during the review process. Ensure the checklist is formatted clearly and organized for easy reference.

Prevent Recurrence

Suggest Naming Conventions

Propose a comprehensive set of naming conventions for variables and functions that enhance both code security and readability. Include specific examples for naming sensitive data variables, functions that handle user input, and other critical components. Explain the rationale behind each naming choice, detailing how it contributes to improved security practices. Additionally, outline guidelines for maintaining consistency across a codebase to ensure clarity and ease of understanding for all developers involved.

Prevent Recurrence

Develop Input Validation Guide

Create a comprehensive guide for implementing consistent input validation throughout the project. The guide should cover best practices for validating various data types, including [DATA_TYPES]. For each data type, provide clear examples detailing common validation techniques, potential vulnerabilities that can arise from improper validation, and specific strategies to mitigate these risks. Additionally, include a checklist that developers can use to ensure all input validation measures are in place before deployment. Aim for a structured format that is easy to follow and reference, ensuring clarity and usability for all team members.

Prevent Recurrence

Establish Code Review Protocol

Establish a comprehensive code review protocol that emphasizes security best practices. Outline the key areas to examine during the review, including input validation, authentication mechanisms, and data encryption. Additionally, create a detailed checklist of specific questions to ask during the reviews, focusing on potential vulnerabilities, adherence to security standards, and the handling of sensitive data. Ensure the checklist is structured for easy reference during the review process.

Prevent Recurrence

Frequently asked questions

How does Windsurf introduce security vulnerabilities?+

Windsurf can introduce security vulnerabilities when its AI-generated code does not adhere to secure coding practices, such as failing to sanitize inputs or validate paths. Understanding how to guide Windsurf with specific prompts can mitigate these risks.

Can Windsurf fix its own security issues?+

Yes, Windsurf can assist in fixing security issues if prompted correctly. By providing clear instructions and context, developers can leverage Windsurf's capabilities to refactor insecure code.

What are the best practices for using Windsurf securely?+

To use Windsurf securely, always review AI-generated code for vulnerabilities, apply secure coding practices, and utilize custom rules in CLAUDE.md to guide the AI's behavior.

How do I ensure Windsurf follows my project's security guidelines?+

Ensure that your project's security guidelines are clearly defined in the CLAUDE.md file. Regularly update and review these guidelines to align with best practices and use prompts to reinforce them.

What should I do if Windsurf breaks working code while fixing vulnerabilities?+

If Windsurf breaks working code, use its Cascade mode to review changes and revert any unintended modifications. Prompt Windsurf to focus on specific areas to minimize disruption.