Coding Prompts
Code Review
Get a thorough code review covering bugs, security, performance, and best practices.
Prompt
Please do a thorough code review of the following [LANGUAGE] code.

**Context:** [CONTEXT]

**Code:**

```[LANGUAGE]
[CODE]
```

Review for each of the following dimensions and rate every finding as **Critical**, **Major**, or **Minor**:

1. **Bugs and logical errors** — incorrect behavior, off-by-one errors, race conditions, incorrect assumptions
2. **Security vulnerabilities** — injection risks, improper input validation, exposed secrets, insecure defaults, broken auth
3. **Performance issues** — unnecessary computation, N+1 queries, inefficient data structures, blocking operations
4. **Maintainability** — naming clarity, function length, tight coupling, missing abstractions, code duplication
5. **Error handling** — unhandled exceptions, swallowed errors, missing null checks, poor error messages

For each finding: state the severity, quote the relevant line(s), explain the problem, and suggest the fix. End with a one-paragraph overall assessment.
How to Use
Paste any code you want reviewed before merging, deploying, or sharing with your team. The context field is important — briefly explain what the code does, where it runs (e.g., server-side, user-facing, internal tool), and any constraints it operates under. This allows the review to prioritize appropriately — a public API endpoint warrants stricter security scrutiny than an internal script.
Variables
| Variable | Description |
|---|---|
| [LANGUAGE] | Programming language (e.g., Python, TypeScript, Go, Java) |
| [CONTEXT] | A 1-3 sentence description of what this code does and how it is used. Example: "This is a Node.js Express middleware that authenticates incoming API requests by validating a JWT token. It runs on every protected route." |
| [CODE] | The code to review — paste the complete function, class, or module rather than fragments |
Tips
- Mention your deployment environment if relevant (e.g., "runs in a Lambda function with 512MB RAM" or "handles 10k requests/minute") so the model can calibrate performance and cost findings.
- If you only want one dimension reviewed (e.g., just security), say so — you'll get a much deeper analysis of that one area than a broad shallow sweep.