Claude Sonnet 4.6 / GPT-4o / Gemini 2.5 Pro
The Code Review Prompt That Finds What Linters Miss

Prompt
You are a senior software engineer conducting a thorough code review. Review the following code for:

1. **Logic bugs** — off-by-one errors, incorrect conditionals, edge cases that will cause wrong behavior
2. **Security issues** — injection risks, improper input validation, insecure defaults, credential exposure, race conditions
3. **API misuse** — incorrect use of library functions, deprecated methods, missing required parameters, wrong return value handling
4. **Error handling gaps** — unhandled exceptions, silent failures, missing null checks, assumption that external calls always succeed
5. **Performance issues** — N+1 queries, unnecessary recomputation, missing indexes hinted by query patterns, blocking I/O in async contexts
6. **Architectural concerns** — tight coupling, missing abstraction boundaries, violation of single responsibility
7. **Missing tests** — which behaviors are untested and most likely to break

For each issue found:
- State the exact line or code block
- Explain WHY it is a problem (not just that it is one)
- Provide a concrete fix or alternative

After your review, give an overall risk rating: LOW / MEDIUM / HIGH / CRITICAL, with a one-sentence justification.

Do not comment on style, formatting, or naming unless it directly causes a bug or security issue. Focus only on correctness, security, and architecture.

[PASTE YOUR CODE HERE]
Paste any function, module, or pull request diff and get a structured review covering logic bugs, security vulnerabilities, API misuse, error handling gaps, performance issues, and architectural concerns, with a risk rating. Works best on code blocks of 50-500 lines; split larger changes and review the parts.

Most code review prompts return generic feedback: “consider adding error handling” or “this could be more readable.” This prompt forces the model to reason through seven specific failure categories and requires it to cite exact lines and explain the WHY behind each issue. The risk rating at the end gives you a fast triage signal — a CRITICAL rating means don’t merge, a LOW means proceed with minor cleanup. Treat the rating as triage, not assurance: a LOW says the model found nothing in those seven categories, not that nothing is there, and the code you paste is untrusted input to the prompt (a comment in the diff can try to talk the model into a softer verdict), so keep tests and a human reviewer in the loop.
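As an added example, not code from the page or from any of the models it lists, here is a small Python wrapper of the kind a team would put in CI around this prompt: it substitutes the change into the page's template, warns when the input falls outside the 50-500 line range, pulls the final LOW/MEDIUM/HIGH/CRITICAL verdict out of the model's reply, and turns it into a merge decision. The model call is stubbed: `call_model`, `fake_model`, `block_at` and the constructed reply text are assumptions of this example, not part of the page.

```python
import re
from typing import Callable, Dict, Optional

# The page's prompt, verbatim, with the placeholder kept for substitution.
REVIEW_PROMPT = """You are a senior software engineer conducting a thorough code review. Review the following code for:
1. **Logic bugs** — off-by-one errors, incorrect conditionals, edge cases that will cause wrong behavior
2. **Security issues** — injection risks, improper input validation, insecure defaults, credential exposure, race conditions
3. **API misuse** — incorrect use of library functions, deprecated methods, missing required parameters, wrong return value handling
4. **Error handling gaps** — unhandled exceptions, silent failures, missing null checks, assumption that external calls always succeed
5. **Performance issues** — N+1 queries, unnecessary recomputation, missing indexes hinted by query patterns, blocking I/O in async contexts
6. **Architectural concerns** — tight coupling, missing abstraction boundaries, violation of single responsibility
7. **Missing tests** — which behaviors are untested and most likely to break
For each issue found:
- State the exact line or code block
- Explain WHY it is a problem (not just that it is one)
- Provide a concrete fix or alternative
After your review, give an overall risk rating: LOW / MEDIUM / HIGH / CRITICAL, with a one-sentence justification.
Do not comment on style, formatting, or naming unless it directly causes a bug or security issue. Focus only on correctness, security, and architecture.
[PASTE YOUR CODE HERE]"""
PLACEHOLDER = "[PASTE YOUR CODE HERE]"

# The page's recommended input size, and the rating scale it asks for, weakest first.
MIN_LINES, MAX_LINES = 50, 500
RATINGS = ("LOW", "MEDIUM", "HIGH", "CRITICAL")

_LABEL = re.compile(r"risk\s+rating", re.IGNORECASE)
# Case-sensitive on purpose: the prompt asks for upper-case verdicts, and a
# case-insensitive search would also match "low-effort" inside the justification.
_TOKEN = re.compile(r"\b(LOW|MEDIUM|HIGH|CRITICAL)\b")


def build_prompt(code: str) -> str:
    """Drop the code under review into the template in place of the placeholder."""
    return REVIEW_PROMPT.replace(PLACEHOLDER, code.strip())


def size_warning(code: str) -> Optional[str]:
    """Flag inputs outside the 50-500 line range the page says the prompt works best on."""
    n = len(code.strip().splitlines())
    if n < MIN_LINES:
        return f"{n} lines: below {MIN_LINES}, the review may have too little context"
    if n > MAX_LINES:
        return f"{n} lines: above {MAX_LINES}, split the change and review the parts"
    return None


def extract_rating(review: str) -> Optional[str]:
    """Return the final verdict from a model reply, or None if there is none.

    Scans from the end for the last line mentioning "risk rating" and takes the
    last rating token on that line or the one after it, so a restated scale like
    "(LOW / MEDIUM / HIGH / CRITICAL): HIGH" still resolves to HIGH.
    """
    lines = review.splitlines()
    for i in range(len(lines) - 1, -1, -1):
        if _LABEL.search(lines[i]):
            tokens = _TOKEN.findall(" ".join(lines[i:i + 2]))
            if tokens:
                return tokens[-1]
    return None


def merge_decision(rating: Optional[str], block_at: str = "HIGH") -> str:
    """Map a rating to "block" or "proceed". A reply with no parseable rating fails closed."""
    if rating is None:
        return "block"
    return "block" if RATINGS.index(rating) >= RATINGS.index(block_at) else "proceed"


def review_and_gate(code: str, call_model: Callable[[str], str],
                    block_at: str = "HIGH") -> Dict[str, Optional[str]]:
    """Run one review through call_model (assumed: prompt in, reply text out) and gate on it."""
    review = call_model(build_prompt(code))
    rating = extract_rating(review)
    return {"rating": rating, "decision": merge_decision(rating, block_at),
            "size_warning": size_warning(code), "review": review}


# Constructed stand-in for a model reply (not real model output) so the example runs offline.
CONSTRUCTED_REVIEW = """\
## Security issues
- Line 14: the caller's `name` is interpolated into the SQL string instead of being bound as a parameter.
  Why: a quote in the input changes the query. Fix: use a parameterised query.

## Missing tests
- Nothing exercises the empty-input path.

**Overall risk rating: HIGH**, because untrusted input reaches the database query unescaped.
"""


def fake_model(prompt: str) -> str:
    """Stub for the real API call; returns the constructed reply regardless of input."""
    return CONSTRUCTED_REVIEW


if __name__ == "__main__":
    # Constructed input; in CI this would be the PR diff.
    result = review_and_gate("def lookup(name):\n    return run_query(name)\n", fake_model)
    print(result["rating"], result["decision"], result["size_warning"])
```

Two design choices worth keeping if you adapt this: an unparseable reply blocks rather than passes, because a model that did not finish its review is no evidence of safety; and the gate is a triage step only, since the diff itself is untrusted input to the prompt and can carry text aimed at the model, so a `proceed` still goes through normal review and tests.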