Security-Focused Code Review
Code review prompt targeting OWASP-style security vulnerabilities with CWE references and attack scenarios.
Review this {{language}} code specifically for security vulnerabilities:

```
{{paste your code}}
```

Check for:
1. Injection attacks (SQL, XSS, command injection, path traversal)
2. Authentication/authorization flaws
3. Sensitive data exposure (logging secrets, hardcoded credentials)
4. Insecure deserialization
5. Missing input validation at trust boundaries

For each vulnerability found:
- Name the vulnerability type (e.g., "CWE-89: SQL Injection")
- Show the vulnerable line
- Explain the attack scenario
- Provide the fixed code

If no vulnerabilities are found, confirm the code is clean and note what was checked.
Why this prompt works
Referencing CWE numbers gets ChatGPT to think in terms of specific vulnerability classes rather than vague security issues. Requiring an attack scenario makes the model show that each reported vulnerability is real rather than hypothetical.