home/writing/security-prompt-2

Security.prompt

GPTClaudeGemini··1,022 copies·updated 2026-07-14
security-prompt-2.prompt
## Security Audit Framework

### Input Validation
- Are all user inputs validated and sanitized?
- Are there injection vectors (SQL, NoSQL, command, LDAP)?
- Are file paths validated against traversal attacks?

### Authentication & Authorization
- Are auth checks present on all protected routes?
- Are tokens validated correctly (JWT expiry, signature)?
- Is there proper session management?

### Data Protection
- Are secrets stored securely (not hardcoded)?
- Is sensitive data encrypted at rest and in transit?
- Are there data leaks in logs or error messages?

### Common Vulnerabilities
- XSS: Is output properly escaped?
- CSRF: Are anti-CSRF tokens used?
- SSRF: Are outbound requests validated?
- Rate limiting: Are endpoints protected?

### Recommendations
- List vulnerabilities by CVSS severity
- Provide specific remediation for each

when to use it

Community prompt sourced from the open-source GitHub repo N1KH1LT0X1N/Apex (MIT). A "Security.prompt" style prompt — adapt the placeholders and specifics to your task. Imported as-is and not independently retested here, so check the output before relying on it.

tags

writingcommunitygeneral

source

N1KH1LT0X1N/Apex · MIT