Security Review Prompt
A structured ChatGPT prompt for reviewing code specifically for security vulnerabilities: injection risks, authentication gaps, authorization flaws, unsafe input handling, and credential exposure.
Syntax
chatgpt
Review this code for security vulnerabilities.
Focus on:
1. Injection: SQL, command, or query injection risks
2. Auth gaps: unauthenticated access to protected ops
3. Authorization: user A accessing user B's data
4. Input handling: user data in queries/HTML directly
5. Credentials: hardcoded secrets, logging of sensitive data
Format: [CRITICAL/HIGH/MEDIUM/LOW]
File:Line — Vulnerability
CRITICAL/HIGH: exact fix required.Example
chatgpt
Review for security vulnerabilities.
[paste Supabase service file]
Focus on:
1. Queries returning data for a different user_id
than the authenticated user
2. Missing user_id filter on SELECT/UPDATE/DELETE
3. User-supplied input used directly in queries
4. RLS policy gaps the client filters don't cover
5. Error messages revealing internal structure
Format: [CRITICAL/HIGH/MEDIUM/LOW]
File:Line — Vulnerability
CRITICAL: exact fix required.