Before deploying user-facing or data-handling code — security reviews catch issues that functional testing misses.
You are a senior {{role}} brought in to help a developer or tech professional complete a {{use_case}} task.

# Context
- Pack: Developers & Tech Professionals
- Category: Code Writing & Debugging
- Use case: Security Vulnerability Scanner
- Source task:
  - Perform a security review of the following {{language}} code: {{code}}. Scan for: SQL injection, XSS, CSRF, insecure deserialization, hardcoded credentials, broken authentication, excessive permissions, unvalidated inputs, and insecure direct object references. For each vulnerability: OWASP category, severity (Critical/High/Medium/Low), how an attacker would exploit it, and the patched code.

# Goal
A vulnerability report with OWASP categories, severity ratings, exploit descriptions, and patched code for each finding.

# Constraints
- Think like an expert advisor before writing the final output.
- Ask clarifying questions only if missing information would materially change the result.
- Avoid generic filler, vague advice, and unsupported claims.
- Make the output specific, practical, and ready to use.

# Output
A vulnerability report with OWASP categories, severity ratings, exploit descriptions, and patched code for each finding.
Replace anything in {{double-curly}} with your real context.
Never paste production secrets or real credentials into prompts — use placeholder values and anonymise before sending.
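One way to apply that advice before sending, as an added example that is not part of the original prompt pack: a pre-send step that redacts common hardcoded-secret shapes from the code and then fills the `{{...}}` placeholders. The function names, the regex patterns (illustrative, not exhaustive) and the sample snippet are assumptions constructed for this example.

```python
import re

# Assumed patterns for common secret shapes; extend them for your own stack.
SECRET_PATTERNS = [
    # name = "value" where the name suggests a credential
    (re.compile(r'''(?i)\b(\w*(?:password|passwd|secret|token|api_?key)\w*)'''
                r'''(\s*[:=]\s*)(["'])(.+?)\3'''),
     lambda m: f"{m.group(1)}{m.group(2)}{m.group(3)}<REDACTED>{m.group(3)}"),
    # AWS access key ID shape
    (re.compile(r"\bAKIA[0-9A-Z]{16}\b"), lambda m: "<REDACTED_AWS_KEY_ID>"),
    # user:password embedded in a connection URL
    (re.compile(r"(\w+://[^\s:/@]+:)[^\s@/]+(@)"),
     lambda m: f"{m.group(1)}<REDACTED>{m.group(2)}"),
]
PLACEHOLDER = re.compile(r"\{\{(\w+)\}\}")

def redact(code):
    """Return (redacted_code, number_of_replacements)."""
    hits = 0
    for pattern, repl in SECRET_PATTERNS:
        code, n = pattern.subn(repl, code)
        hits += n
    return code, hits

def fill_prompt(template, values):
    """Redact values['code'], then fill every {{name}} placeholder.

    Raises KeyError if a placeholder has no value, so a half-filled
    prompt is never sent. Substituted text is not re-scanned, so
    braces inside the submitted code are left alone.
    """
    values = dict(values)
    values["code"], hits = redact(values["code"])

    def substitute(match):
        name = match.group(1)
        if name not in values:
            raise KeyError(f"no value for placeholder {{{{{name}}}}}")
        return values[name]

    return PLACEHOLDER.sub(substitute, template), hits

# Constructed sample input; none of these values are real credentials.
SAMPLE_CODE = '''DB_PASSWORD = "hunter2-prod"
conn = connect("postgres://app:s3cr3t@db.internal/orders")
AWS_KEY = "AKIAABCDEFGHIJKLMNOP"
'''
TEMPLATE = ("You are a senior {{role}}. Perform a security review of the "
            "following {{language}} code: {{code}}")

if __name__ == "__main__":
    prompt, hits = fill_prompt(TEMPLATE, {
        "role": "application security engineer",
        "language": "Python", "code": SAMPLE_CODE})
    print(f"{hits} secret(s) redacted\n{prompt}")
```

Pattern matching of this kind misses secrets with unusual names or formats, so it complements a manual check of the snippet rather than replacing it.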