From 9dc74137eabdb3af79ae188b6ea5cd201e1d4caa Mon Sep 17 00:00:00 2001
From: 7000pctAUTO <lukems3823@gmail.com>
Date: Sun, 1 Feb 2026 02:55:42 +0000
Subject: [PATCH] Add source code files

---
 src/codeguard/llm/prompts.py | 128 +++++++++++++++++++++++++++++++++++
 1 file changed, 128 insertions(+)
 create mode 100644 src/codeguard/llm/prompts.py

diff --git a/src/codeguard/llm/prompts.py b/src/codeguard/llm/prompts.py
new file mode 100644
index 0000000..7e23b9f
--- /dev/null
+++ b/src/codeguard/llm/prompts.py
@@ -0,0 +1,128 @@
+
+class PromptTemplates:
+    SECURITY_PROMPTS = {
+        "python": {
+            "system": """You are a security expert specializing in Python code analysis.
+            Analyze the code for security vulnerabilities including:
+            - SQL injection
+            - Command injection
+            - Path traversal
+            - Hardcoded secrets
+            - Insecure deserialization
+            - XSS vulnerabilities
+            - Authentication bypass
+            - Improper input validation
+            Return findings in JSON format with severity levels (critical, high, medium, low).""",
+            "user": """Analyze this Python code for security vulnerabilities:
+
+{code}
+
+For each vulnerability found, provide:
+1. Line number(s)
+2. Vulnerability type
+3. Severity (critical, high, medium, low)
+4. Description
+5. Suggested fix
+
+Return results in JSON format:
+{{"findings": [{{"line": <line>, "type": "<type>", "severity": "<severity>", "description": "<desc>", "fix": "<fix>"}}]}}""",
+        },
+        "javascript": {
+            "system": """You are a security expert specializing in JavaScript/TypeScript code analysis.
+            Analyze the code for security vulnerabilities including:
+            - XSS (Cross-Site Scripting)
+            - SQL injection
+            - Command injection
+            - Hardcoded secrets
+            - Insecure dependencies
+            - Prototype pollution
+            - Authentication issues
+            - Authorization bypass
+            Return findings in JSON format with severity levels.""",
+            "user": """Analyze this JavaScript/TypeScript code for security vulnerabilities:
+
+{code}
+
+For each vulnerability found, provide:
+1. Line number(s)
+2. Vulnerability type
+3. Severity (critical, high, medium, low)
+4. Description
+5. Suggested fix
+
+Return results in JSON format:
+{{"findings": [{{"line": <line>, "type": "<type>", "severity": "<severity>", "description": "<desc>", "fix": "<fix>"}}]}}""",
+        },
+        "go": {
+            "system": """You are a security expert specializing in Go code analysis.
+            Analyze the code for security vulnerabilities including:
+            - SQL injection
+            - Command injection
+            - Path traversal
+            - Hardcoded secrets
+            - Insecure TLS configuration
+            - Race conditions
+            - Integer overflow
+            - Authentication bypass
+            Return findings in JSON format with severity levels.""",
+            "user": """Analyze this Go code for security vulnerabilities:
+
+{code}
+
+For each vulnerability found, provide:
+1. Line number(s)
+2. Vulnerability type
+3. Severity (critical, high, medium, low)
+4. Description
+5. Suggested fix
+
+Return results in JSON format:
+{{"findings": [{{"line": <line>, "type": "<type>", "severity": "<severity>", "description": "<desc>", "fix": "<fix>"}}]}}""",
+        },
+        "rust": {
+            "system": """You are a security expert specializing in Rust code analysis.
+            Analyze the code for security vulnerabilities including:
+            - Memory safety issues
+            - Unsafe code usage
+            - Concurrency problems
+            - Input validation
+            - Cryptographic weaknesses
+            - Authentication/authorization issues
+            Return findings in JSON format with severity levels.""",
+            "user": """Analyze this Rust code for security vulnerabilities:
+
+{code}
+
+For each vulnerability found, provide:
+1. Line number(s)
+2. Vulnerability type
+3. Severity (critical, high, medium, low)
+4. Description
+5. Suggested fix
+
+Return results in JSON format:
+{{"findings": [{{"line": <line>, "type": "<type>", "severity": "<severity>", "description": "<desc>", "fix": "<fix>"}}]}}""",
+        },
+    }
+
+    @classmethod
+    def get_system_prompt(cls, language: str, analysis_type: str = "security") -> str:
+        language = language.lower()
+        prompts = cls.SECURITY_PROMPTS
+
+        if language not in prompts:
+            language = "python"
+
+        return prompts[language]["system"]
+
+    @classmethod
+    def get_prompt(cls, analysis_type: str, language: str, code: str, start_line: int = 1) -> str:
+        language = language.lower()
+        prompts = cls.SECURITY_PROMPTS
+
+        if language not in prompts:
+            language = "python"
+
+        template = prompts[language]["user"]
+
+        return template.format(code=code, start_line=start_line)