03of 9
Five prompt patterns
Turn vague asks into useful work prompts.
- Be specific. "Review this PR" → "Review this PR for SQL injection in the user-auth module, paying attention to the new /login endpoint. Output: 3-line summary + 5 risk areas + suggested tests."
- Give it a role. "Explain X" → "Act as a senior security engineer with 10 years of fintech experience. Explain X in the context of PCI-DSS compliance. Include tradeoffs."
- Show your work. "Find the bug" → "Walk me through your reasoning step by step. Show me the suspect code first, then the symptom, then the candidate root causes, ranked by likelihood."
- Iterate. "Make it better" → "Refine this output to match our team's PR template: Summary, Risk, Test Plan, Rollback. Keep the technical content. Strip the boilerplate."
- Save the prompt. "That was good" → "Extract this prompt pattern into my reusable library. Title: '[pattern name]'. Tags: [code-review, security, PR]. Body: [the prompt]."
Try this prompt
Act as a senior backend reviewer (role) for the Car-Mart API team. Review
this PR (be specific: PR #1247, the /login endpoint refactor). Walk me
through your reasoning step by step (show your work). Output: a PR-comment
in our team template (Summary / Risk / Test Plan / Rollback). After you
respond, extract the prompt pattern I should reuse (save the prompt).In your lane
Dev
Code review pattern. Use on the next PR you review.
Data
SQL query pattern. Use on the next query you write.
Ops
Incident triage pattern. Use on the next alert you investigate.
Ship it (30 min)
Try one pattern on a real ticket before lunch.