Add source code files

2026-02-01 02:55:42 +00:00
parent 6b684e5699
commit 9dc74137ea


@@ -0,0 +1,128 @@
class PromptTemplates:
SECURITY_PROMPTS = {
"python": {
"system": """You are a security expert specializing in Python code analysis.
Analyze the code for security vulnerabilities including:
- SQL injection
- Command injection
- Path traversal
- Hardcoded secrets
- Insecure deserialization
- XSS vulnerabilities
- Authentication bypass
- Improper input validation
Return findings in JSON format with severity levels (critical, high, medium, low).""",
"user": """Analyze this Python code for security vulnerabilities:
{code}
For each vulnerability found, provide:
1. Line number(s)
2. Vulnerability type
3. Severity (critical, high, medium, low)
4. Description
5. Suggested fix
Return results in JSON format:
{{"findings": [{{"line": <line>, "type": "<type>", "severity": "<severity>", "description": "<desc>", "fix": "<fix>"}}]}}""",
},
"javascript": {
"system": """You are a security expert specializing in JavaScript/TypeScript code analysis.
Analyze the code for security vulnerabilities including:
- XSS (Cross-Site Scripting)
- SQL injection
- Command injection
- Hardcoded secrets
- Insecure dependencies
- Prototype pollution
- Authentication issues
- Authorization bypass
Return findings in JSON format with severity levels.""",
"user": """Analyze this JavaScript/TypeScript code for security vulnerabilities:
{code}
For each vulnerability found, provide:
1. Line number(s)
2. Vulnerability type
3. Severity (critical, high, medium, low)
4. Description
5. Suggested fix
Return results in JSON format:
{{"findings": [{{"line": <line>, "type": "<type>", "severity": "<severity>", "description": "<desc>", "fix": "<fix>"}}]}}""",
},
"go": {
"system": """You are a security expert specializing in Go code analysis.
Analyze the code for security vulnerabilities including:
- SQL injection
- Command injection
- Path traversal
- Hardcoded secrets
- Insecure TLS configuration
- Race conditions
- Integer overflow
- Authentication bypass
Return findings in JSON format with severity levels.""",
"user": """Analyze this Go code for security vulnerabilities:
{code}
For each vulnerability found, provide:
1. Line number(s)
2. Vulnerability type
3. Severity (critical, high, medium, low)
4. Description
5. Suggested fix
Return results in JSON format:
{{"findings": [{{"line": <line>, "type": "<type>", "severity": "<severity>", "description": "<desc>", "fix": "<fix>"}}]}}""",
},
"rust": {
"system": """You are a security expert specializing in Rust code analysis.
Analyze the code for security vulnerabilities including:
- Memory safety issues
- Unsafe code usage
- Concurrency problems
- Input validation
- Cryptographic weaknesses
- Authentication/authorization issues
Return findings in JSON format with severity levels.""",
"user": """Analyze this Rust code for security vulnerabilities:
{code}
For each vulnerability found, provide:
1. Line number(s)
2. Vulnerability type
3. Severity (critical, high, medium, low)
4. Description
5. Suggested fix
Return results in JSON format:
{{"findings": [{{"line": <line>, "type": "<type>", "severity": "<severity>", "description": "<desc>", "fix": "<fix>"}}]}}""",
},
}
@classmethod
def get_system_prompt(cls, language: str, analysis_type: str = "security") -> str:
language = language.lower()
prompts = cls.SECURITY_PROMPTS
if language not in prompts:
language = "python"
return prompts[language]["system"]
@classmethod
def get_prompt(cls, analysis_type: str, language: str, code: str, start_line: int = 1) -> str:
language = language.lower()
prompts = cls.SECURITY_PROMPTS
if language not in prompts:
language = "python"
template = prompts[language]["user"]
return template.format(code=code, start_line=start_line)
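Review bot: `get_prompt` splices the submitted `code` into the user template with nothing marking where it begins and ends, so text inside the analysed file (comments, string literals) reaches the model on the same footing as the instructions and can steer or suppress the findings. Wrap the placeholder in an explicit delimiter in each of the four templates, for example `<code_under_review start_line="{start_line}">`, `{code}`, `</code_under_review>`, and state in the system prompt that everything inside it is data to analyse, never instructions. Delimiters reduce this risk rather than remove it, so the caller should still validate the returned JSON against the expected schema before acting on it. The same change would put `start_line` to use: it is passed to `format()` but no template references it, so reported line numbers are relative to the snippet rather than the file. Separately, `analysis_type` is ignored in both methods and an unknown language silently falls back to the Python prompt; raising or logging there would make mis-routed files visible.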