forked from mufeedvh/code2prompt
find-security-vulnerabilities.hbs
Project Path: {{ absolute_code_path }}
I want you to carefully review the code in this project and identify any potential security vulnerabilities or weaknesses. Take your time, think step-by-step, and consider all the code paths and interactions between different parts of the codebase.
Source Tree:
```
{{ source_tree }}
```
{{#each files}}
{{#if code}}
`{{path}}`:
{{code}}
{{/if}}
{{/each}}
When analyzing the code, look for common security issues like:
- Input validation vulnerabilities
- Weak authentication or authorization
- Insecure handling of sensitive data
- Injection flaws (SQL injection, command injection, etc)
- Cross-site scripting (XSS)
- Insecure configuration settings
- Outdated or vulnerable dependencies
For each vulnerability you find, provide:
1) The file path and line number(s)
2) A description of the issue and why it's a vulnerability
3) The potential impact if the vulnerability was exploited
4) Recommendations on how to fix or mitigate the vulnerability
Be as thorough and detailed as possible in your analysis. The security of this codebase is critical. Let me know if you have any other questions!