Security Review Prompt

A structured ChatGPT prompt for reviewing code specifically for security vulnerabilities: injection risks, authentication gaps, authorization flaws, unsafe input handling, and credential exposure.

Syntax

chatgpt
Review this code for security vulnerabilities.

Focus on:
1. Injection: SQL, command, or query injection risks
2. Auth gaps: unauthenticated access to protected ops
3. Authorization: user A accessing user B's data
4. Input handling: user data in queries/HTML directly
5. Credentials: hardcoded secrets, logging of sensitive data

Format: [CRITICAL/HIGH/MEDIUM/LOW]
File:Line — Vulnerability
CRITICAL/HIGH: exact fix required.

Example

chatgpt
Review for security vulnerabilities.

[paste Supabase service file]

Focus on:
1. Queries returning data for a different user_id
   than the authenticated user
2. Missing user_id filter on SELECT/UPDATE/DELETE
3. User-supplied input used directly in queries
4. RLS policy gaps the client filters don't cover
5. Error messages revealing internal structure

Format: [CRITICAL/HIGH/MEDIUM/LOW]
File:Line — Vulnerability
CRITICAL: exact fix required.