Battle-tested AI prompts for software developers. From code review and debugging to architecture design, API development, testing strategies, and DevOps automation. Each prompt includes context variables and optimization tips.
#1Comprehensive Code Review with Security & Performance Audit+
You are a senior software engineer with 15+ years of experience in {language} and security best practices.
Review this code for:
1. Security vulnerabilities (OWASP Top 10)
2. Performance bottlenecks and memory leaks
3. Code smell and maintainability issues
4. Edge cases and error handling gaps
5. Adherence to {coding_standard, e.g., PEP 8, Airbnb JS}
Code:
```
{paste code here}
```
Context:
- This code is part of a {project_type, e.g., REST API, web app}
- It handles {functionality_description}
- Expected traffic: {requests_per_second}
- Database: {database_type}
For each issue found, provide:
- Severity: Critical / High / Medium / Low
- Location: Line number or function name
- Problem: What's wrong and why it matters
- Fix: Corrected code snippet
- Impact: What could happen if left unfixed
End with an overall code quality score (1-10) and top 3 priority fixes.
Tip: Include the full file, not just a snippet. The more context the AI has about imports, dependencies, and usage patterns, the deeper the review will be.
#2Pull Request Review with Constructive Feedback+
You are a tech lead reviewing a pull request. Your feedback style is constructive, specific, and educational.
PR Title: {pr_title}
PR Description: {pr_description}
Files changed: {number_of_files}
Diff:
```diff
{paste diff here}
```
Review the PR for:
1. Does it accomplish what the PR description claims?
2. Are there any bugs or logic errors?
3. Is the code readable and well-structured?
4. Are tests adequate for the changes?
5. Any potential regression risks?
6. Performance implications?
Format your review as GitHub PR comments:
- Use "MUST FIX" for blocking issues
- Use "SUGGESTION" for improvements
- Use "QUESTION" for clarification needs
- Use "PRAISE" for good patterns you notice
End with: Approve / Request Changes / Needs Discussion
Tip: Paste the actual git diff output for the most accurate review. Include the test files in the diff too.
#3Refactor Legacy Code to Modern Patterns+
You are a refactoring specialist. Modernize this legacy {language} code while preserving all existing behavior.
Legacy code:
```
{paste legacy code}
```
Current issues:
- {issue_1, e.g., "No separation of concerns"}
- {issue_2, e.g., "Deeply nested callbacks"}
- {issue_3, e.g., "No error handling"}
Target patterns: {patterns, e.g., "async/await, dependency injection, SOLID"}
Target version: {language_version, e.g., "Python 3.12", "Node 20"}
Requirements:
1. Refactor incrementally — show each step as a separate code block
2. Explain WHY each change improves the code
3. Maintain backward compatibility
4. Add type hints/annotations where applicable
5. Suggest tests that should be written to verify the refactoring
Output: Step-by-step refactoring with explanations, final clean code, and a migration checklist.
Tip: Specify the constraints — if you can't change the API surface, say so. If there are dependencies that must stay, list them.
#4Code Complexity Reducer+
Analyze this {language} code for complexity and simplify it without changing behavior.
```
{paste code}
```
Specifically:
1. Calculate cyclomatic complexity for each function
2. Identify functions exceeding complexity of 10
3. Break complex functions into smaller, single-responsibility functions
4. Replace nested conditionals with early returns or guard clauses
5. Extract magic numbers into named constants
6. Simplify boolean expressions
For each simplification:
- Show before and after
- Explain the complexity reduction
- Confirm behavior preservation
Target: Every function should have cyclomatic complexity under 10.
Tip: This works especially well on controller/handler functions that have accumulated complexity over time.
#5Documentation Generator from Code+
Generate comprehensive documentation for this {language} code.
```
{paste code}
```
Generate:
1. Module/file-level docstring explaining purpose and usage
2. Function/method docstrings with:
- Description of what it does
- Parameters with types and descriptions
- Return value description
- Exceptions that can be raised
- Usage example
3. Inline comments for non-obvious logic
4. A README section covering:
- Installation/setup
- Quick start example
- API reference table
- Common patterns and gotchas
Documentation style: {style, e.g., "Google style", "NumPy style", "JSDoc"}
Important: Do not change the code itself. Only add documentation.
Tip: Feed entire modules rather than individual functions. The AI writes better docs when it understands how pieces fit together.
#6Design Pattern Advisor+
Analyze this {language} codebase structure and recommend appropriate design patterns.
Current code structure:
```
{paste code or describe architecture}
```
The code currently handles: {functionality}
Pain points: {problems, e.g., "hard to test", "too many conditionals"}
Future requirements: {upcoming_features}
For each recommended pattern:
1. Name the pattern and explain why it fits
2. Show a concrete implementation using my actual code
3. Before/after comparison
4. Trade-offs (what you gain vs. added complexity)
5. When this pattern would be overkill
Limit to 3 most impactful patterns. Don't suggest patterns for the sake of patterns.
Tip: Be specific about your pain points. "It's messy" is less useful than "Every time we add a payment method, we have to modify 5 files."
#7Error Handling Strategy Builder+
Design a comprehensive error handling strategy for this {language}{project_type}.
Current code with minimal error handling:
```
{paste code}
```
Requirements:
1. Create a custom error hierarchy for this domain
2. Add try/catch blocks with specific error types
3. Implement retry logic for transient failures
4. Add structured logging for each error path
5. Create user-friendly error messages (separate from internal logs)
6. Implement graceful degradation where possible
7. Add circuit breaker pattern for external service calls
Context:
- External services used: {services, e.g., "PostgreSQL, Redis, Stripe API"}
- Error reporting tool: {tool, e.g., "Sentry, Datadog"}
- User-facing? {yes/no}
Output: Refactored code with complete error handling + error hierarchy diagram.
Tip: Mention which errors your users currently see. The AI can design better error messages when it knows the user experience gap.
#8Type Safety Migration Guide+
Migrate this {source, e.g., "JavaScript"} code to {target, e.g., "TypeScript"} with strict type safety.
Current code:
```
{paste code}
```
Requirements:
1. Add strict types to all function signatures
2. Define interfaces for all data structures
3. Replace `any` types with proper generics
4. Add type guards for runtime type checking
5. Handle nullable values explicitly
6. Create utility types where patterns repeat
Configuration: Use {strict_mode, e.g., "strict: true in tsconfig"}
External types needed: {libraries, e.g., "@types/express, @types/node"}
Output:
- Fully typed code
- Interface/type definitions file
- Migration notes for team members
- Common gotchas to watch for
Tip: Include your API response shapes if available. Type safety is most valuable at the boundary between your code and external data.
#9Dependency Audit & Cleanup+
Audit the dependencies in this {language} project and recommend cleanup.
Package file:
```
{paste package.json / requirements.txt / Cargo.toml / etc.}
```
Source code imports:
```
{paste import statements from main files}
```
Analyze:
1. Unused dependencies (listed but never imported)
2. Duplicate functionality (two libs doing the same thing)
3. Security vulnerabilities (known CVEs)
4. Outdated packages with breaking changes
5. Heavy dependencies that could be replaced with lighter alternatives
6. Dependencies that could be replaced with built-in language features
For each recommendation:
- Action: Remove / Replace / Update / Keep
- Reason: Why this change matters
- Impact: Bundle size / security / performance improvement
- Migration: Steps to make the change safely
Output: Prioritized action list with estimated impact.
Tip: Paste the lock file too (package-lock.json) for deeper dependency tree analysis.
#10Code Performance Profiler+
Profile this {language} code for performance and suggest optimizations.
```
{paste code}
```
Context:
- This runs {frequency, e.g., "1000 times/second"}
- Data size: {data_size, e.g., "10k records per call"}
- Current response time: {current_time, e.g., "450ms"}
- Target response time: {target_time, e.g., "under 100ms"}
Analyze:
1. Time complexity of each function (Big O)
2. Space complexity and memory allocation patterns
3. Database query efficiency (N+1 problems, missing indexes)
4. Unnecessary computations or redundant operations
5. Opportunities for caching, memoization, or lazy evaluation
6. Parallelization opportunities
For each optimization:
- Expected improvement: X% faster / Xms reduction
- Implementation complexity: Easy / Medium / Hard
- Trade-off: What you sacrifice (readability, memory, etc.)
Prioritize by impact-to-effort ratio.
Tip: If you have profiling data (flame graphs, slow query logs), include it. Real measurements beat theoretical analysis.