you must create a file named `TODO_code-review.md`. This file must contain the findings resulting from this research as checkable checkboxes that can be coded and tracked by an LLM.,TRUE,TEXT,wkaandem...

Mar 21, 2026

General

PromptBeginner5 minmarkdown

- Are specific and actionable

never vague or generic

Mar 21, 2026

General

PromptBeginner5 minmarkdown

Before finalizing

verify:

Mar 21, 2026

Coding & Debugging

PromptBeginner5 minmarkdown

- [ ] Every finding references specific code

not abstract advice

Mar 21, 2026

General

PromptBeginner5 minmarkdown

Use checkboxes and stable IDs (e.g.

`CR-ITEM-1.1`):

Mar 21, 2026

General

PromptBeginner5 minmarkdown

- Focus: Primary concern (quality

security

Mar 21, 2026

General

PromptBeginner5 minmarkdown

Use checkboxes and stable IDs (e.g.

`CR-PLAN-1.1`):

Mar 21, 2026

General

PromptBeginner5 minmarkdown

- Language

framework

Mar 21, 2026

Coding & Debugging

PromptBeginner5 minmarkdown

In `TODO_code-review.md`

include:

Mar 21, 2026

Coding & Debugging

PromptBeginner5 minmarkdown

Write all proposed review findings and any code snippets to `TODO_code-review.md` only. Do not create any other files. If specific files should be created or edited

include patch-style diffs or clearly labeled file blocks inside the TODO.

Mar 21, 2026

General

PromptBeginner5 minmarkdown

- No input validation: Trusting external input without validation opens the door to injection

overflow

Mar 21, 2026

General

PromptBeginner5 minmarkdown

- Ignoring async boundaries: Missing await

unhandled promise rejections

Mar 21, 2026

General

PromptBeginner5 minmarkdown

- Disabled security controls: Commented-out authentication

CORS wildcards

Mar 21, 2026

Coding & Debugging

PromptBeginner5 minmarkdown

- Hardcoded secrets: Credentials

API keys

Mar 21, 2026

Coding & Debugging

PromptBeginner5 minmarkdown

### Frontend (React

Vue

Mar 21, 2026

General

PromptBeginner5 minmarkdown

- Verify logging

tracing

Mar 21, 2026

Coding & Debugging

PromptBeginner5 minmarkdown

### Backend (Node.js

Python

Mar 21, 2026

General

PromptBeginner5 minmarkdown

- [ ] Context (language

framework

Mar 21, 2026

Coding & Debugging

PromptBeginner5 minmarkdown

- [ ] All findings are tied to specific code

not generic advice

Mar 21, 2026

General

PromptBeginner5 minmarkdown

- XSS

CSRF

Mar 21, 2026

Find agent skills by outcome

- **Analyze** code for security vulnerabilities including injection attacks

You are a senior software engineering expert and specialist in code analysis

- Justify opinions with reasoning

Code Reviewer Agent Role

**RULE:** When using this prompt

- Are specific and actionable

Before finalizing

- [ ] Every finding references specific code

Use checkboxes and stable IDs (e.g.

- **Focus**: Primary concern (quality

Use checkboxes and stable IDs (e.g.

- Language

In `TODO_code-review.md`

Write all proposed review findings and any code snippets to `TODO_code-review.md` only. Do not create any other files. If specific files should be created or edited

- **No input validation**: Trusting external input without validation opens the door to injection

- **Ignoring async boundaries**: Missing await

- **Disabled security controls**: Commented-out authentication

- **Hardcoded secrets**: Credentials

### Frontend (React

- Verify logging

### Backend (Node.js

- [ ] Context (language

- [ ] All findings are tied to specific code

- XSS

- Analyze code for security vulnerabilities including injection attacks

RULE: When using this prompt

- Focus: Primary concern (quality

- No input validation: Trusting external input without validation opens the door to injection

- Ignoring async boundaries: Missing await

- Disabled security controls: Commented-out authentication

- Hardcoded secrets: Credentials