Automated Code Review Prompts - AiPro Institute\u2122<\/title>\n <style>\n *{margin:0;padding:0;box-sizing:border-box}\n body{font-family:-apple-system,BlinkMacSystemFont,'Segoe UI',Roboto,'Helvetica Neue',Arial,sans-serif;line-height:1.6;color:#333;background:#fff;padding:2rem 1rem}\n .container{max-width:900px;margin:0 auto}\n .page-title{text-align:center;font-size:2.5rem;font-weight:700;background:linear-gradient(135deg,#667eea 0%,#764ba2 100%);-webkit-background-clip:text;-webkit-text-fill-color:transparent;background-clip:text;margin-bottom:2rem}\n .card{background:#fff;border-radius:12px;box-shadow:0 4px 6px rgba(0,0,0,.1);overflow:hidden;margin-bottom:2rem}\n .card-header{background:linear-gradient(135deg,#667eea 0%,#764ba2 100%);color:#fff;padding:2rem}\n .card-header h1{font-size:2rem;margin-bottom:.5rem}\n .card-header .subtitle{font-size:1.1rem;opacity:.95}\n .meta-badges,.tool-badges{display:flex;gap:.75rem;margin-top:1rem;flex-wrap:wrap}\n .badge{background:rgba(255,255,255,.2);padding:.4rem .9rem;border-radius:20px;font-size:.9rem;backdrop-filter:blur(10px)}\n .tool-badge{background:transparent;border:1px solid rgba(255,255,255,.4);padding:.4rem .9rem;border-radius:20px;font-size:.85rem}\n .card-body{padding:2.5rem}\n .section-title-container{display:flex;justify-content:space-between;align-items:center;margin:2.5rem 0 1.25rem 0}\n .section-title-container:first-child{margin-top:0}\n .section-title{font-size:1.75rem;color:#764ba2;border-left:4px solid #764ba2;padding-left:1rem;margin:0}\n .copy-button{background:linear-gradient(135deg,#667eea 0%,#764ba2 100%);color:#fff;border:none;padding:.6rem 1.5rem;border-radius:6px;cursor:pointer;font-size:.95rem;font-weight:500;transition:opacity .3s}\n .copy-button:hover{opacity:.9}\n .prompt-box{background:#f8f9fa;border:1px solid #dee2e6;border-radius:8px;padding:1.5rem;margin:1.25rem 0;font-family:'Courier New',monospace;font-size:.95rem;line-height:1.6;white-space:pre-wrap;overflow-x:auto}\n .placeholder{color:#fd7e14;font-weight:bold}\n .tip-box{background:#fff9e6;border-left:4px solid #ffc107;padding:1.25rem;margin:1.25rem 0;border-radius:4px}\n .tip-box strong{color:#f57c00}\n h3{color:#764ba2;font-size:1.35rem;margin:2rem 0 1rem 0}\n p{margin-bottom:1rem;line-height:1.8}\n ul,ol{margin-left:2rem;margin-bottom:1rem}\n li{margin-bottom:.5rem;line-height:1.8}\n .example-output{background:#f0f8ff;border:2px solid #4a90e2;border-radius:8px;padding:1.5rem;margin:1.25rem 0}\n .example-output h4{color:#4a90e2;margin-bottom:1rem}\n .chain-step{background:#f8f9fa;border-left:4px solid #667eea;padding:1.5rem;margin:1.5rem 0;border-radius:4px}\n .chain-step h4{color:#667eea;margin-bottom:.75rem}\n .footer{background:#f8f9fa;padding:2rem;margin-top:2rem;border-radius:8px;display:flex;justify-content:space-around;align-items:center;flex-wrap:wrap;gap:1.5rem}\n .footer-stat{text-align:center}\n .footer-stat-value{font-size:1.75rem;font-weight:700;color:#764ba2}\n .footer-stat-label{color:#666;font-size:.95rem}\n @media (max-width:768px){.page-title{font-size:1.75rem}.card-header h1{font-size:1.5rem}.card-body{padding:1.5rem}.section-title{font-size:1.35rem}.section-title-container{flex-direction:column;align-items:flex-start;gap:1rem}.footer{flex-direction:column}}\n <\/style>\n<\/head>\n<body>\n <div class=\"container\">\n <h1 class=\"page-title\">Automated Code Review Prompts<\/h1>\n\n <div class=\"card\">\n <div class=\"card-header\">\n <h1>Automated Code Review Prompts<\/h1>\n <p class=\"subtitle\">Problem Solving & Analysis<\/p>\n <div class=\"meta-badges\"><span class=\"badge\">\u23f1\ufe0f 20-35 minutes<\/span><span class=\"badge\">\ud83d\udcca Advanced<\/span><\/div>\n <div class=\"tool-badges\"><span class=\"tool-badge\">ChatGPT<\/span><span class=\"tool-badge\">Claude<\/span><span class=\"tool-badge\">Gemini<\/span><span class=\"tool-badge\">Perplexity<\/span><span class=\"tool-badge\">Grok<\/span><\/div>\n <\/div>\n\n <div class=\"card-body\">\n <div class=\"section-title-container\"><h2 class=\"section-title\">The Prompt<\/h2><button class=\"copy-button\" onclick=\"copyPrompt()\">\ud83d\udccb Copy Prompt<\/button><\/div>\n\n <div class=\"prompt-box\" id=\"promptContent\">You are a senior engineer performing a code review. Review the change below and produce an actionable PR review.\n\n<span class=\"placeholder\">[PR_TITLE]<\/span>\n\n<span class=\"placeholder\">[CONTEXT]<\/span> (what this PR is supposed to do, constraints)\n\n<span class=\"placeholder\">[DIFF_OR_CODE]<\/span> (paste diff, files changed, or key snippets)\n\n<span class=\"placeholder\">[LANGUAGE_STACK]<\/span> (e.g., Python + FastAPI, Node + Express, Java + Spring)\n\n<span class=\"placeholder\">[RISK_LEVEL]<\/span> (e.g., low, medium, high)\n\nUse the R.E.V.I.E.W. Framework:\n\n**R - Requirements**: does it meet acceptance criteria?\n**E - Edge cases**: inputs, error paths, concurrency\n**V - Vulnerabilities**: injection, secrets, auth, data leaks\n**I - Integrity**: correctness, idempotency, consistency\n**E - Efficiency**: complexity, N+1, caching, perf\n**W - Writeability**: readability, tests, maintainability\n\nDELIVER 12 SECTIONS:\n\n\u2713 1) Summary (what changed)\n\u2713 2) Approval Recommendation (Approve \/ Request Changes \/ Block)\n\u2713 3) Must-Fix Issues (P0)\n\u2713 4) Should-Fix Improvements (P1)\n\u2713 5) Nice-to-Have (P2)\n\u2713 6) Correctness Risks\n\u2713 7) Security Risks\n\u2713 8) Performance Risks\n\u2713 9) Testing Gaps (unit\/integration)\n\u2713 10) Observability (logs\/metrics\/traces)\n\u2713 11) Suggested Patch Snippets (where possible)\n\u2713 12) Merge Checklist\n\nRULES:\n- Be specific: point to exact code lines\/snippets\n- Suggest tests that would fail before and pass after\n- If risk is high, require a rollout plan and monitoring\n<\/div>\n\n <div class=\"tip-box\"><strong>\ud83d\udca1 Pro Tip:<\/strong> The best code review comments are testable. If you can\u2019t describe a failing test case for an issue, it\u2019s probably a preference, not a bug.<\/div>\n\n <div class=\"section-title-container\"><h2 class=\"section-title\">The Logic<\/h2><\/div>\n\n <h3>1. Separating P0\/P1\/P2 Keeps Reviews Focused and Reduces Conflict<\/h3>\n <p><strong>WHY IT WORKS:<\/strong> Reviews fail when everything is treated equally. Categorizing feedback into Must-Fix (blocking), Should-Fix, and Nice-to-Have prevents bikeshedding and accelerates merges. It also reduces emotional conflict: authors can accept optional suggestions without feeling forced. This creates a predictable review culture where \u201cRequest Changes\u201d has a clear meaning. Teams using priority buckets see fewer review cycles because authors fix the true blockers first.<\/p>\n <p><strong>EXAMPLE:<\/strong> A missing input validation that can crash production is P0. Renaming a variable is P2. Without this, reviewers may spend 30% of time on style debates while missing a race condition. Priority buckets ensure the PR improves safety and correctness without turning into a perfection contest.<\/p>\n\n <h3>2. Requirement Checks Prevent \u201cCorrect Code That Solves the Wrong Problem\u201d<\/h3>\n <p><strong>WHY IT WORKS:<\/strong> Many PRs pass tests but violate product requirements: incorrect edge behavior, missing constraints, incomplete acceptance criteria. A review that starts from requirements (what should change) catches mismatches early. This also avoids future rework: you don\u2019t merge a technically correct implementation that misses business expectations. Anchoring on requirements makes feedback objective and reduces subjective debate.<\/p>\n <p><strong>EXAMPLE:<\/strong> A PR claims to \u201cadd pagination\u201d but returns inconsistent ordering, causing users to see duplicates. The code might be correct locally but fails requirement \u201cstable pagination.\u201d A requirements-first review catches this and asks for sorting and cursor-based pagination. This prevents production incidents.<\/p>\n\n <h3>3. Security Lens Finds High-Impact Issues That Tests Often Miss<\/h3>\n <p><strong>WHY IT WORKS:<\/strong> Unit tests rarely cover adversarial inputs: SQL injection, path traversal, SSRF, auth bypass, secret leakage. A structured security review ensures these checks happen consistently. This is crucial because security defects can be catastrophic even if rare. Including security in every review builds a defensive engineering culture and reduces \u201csecurity as an afterthought.\u201d<\/p>\n <p><strong>EXAMPLE:<\/strong> If code builds SQL with string concatenation, that\u2019s a P0 injection risk even if tests pass. If logs include tokens, that\u2019s a secret leak risk. If request handlers lack auth checks, that\u2019s authorization bypass. These are not \u201cstyle\u201d; they are production-grade risks that a formal review must catch.<\/p>\n\n <h3>4. Correctness Checks Focus on Edge Cases and Concurrency<\/h3>\n <p><strong>WHY IT WORKS:<\/strong> Most production bugs come from edge cases: nulls, retries, timeouts, concurrency, partial failures. Code reviews that explicitly inspect these paths catch bugs before release. This also guides better tests: reviewers can request targeted cases that reproduce failures. For distributed systems, idempotency and retries are common blind spots\u2014reviews must surface them.<\/p>\n <p><strong>EXAMPLE:<\/strong> Payment webhook handler must be idempotent because providers retry. A review might require a deduplication key and DB constraint to prevent double charges. Or a background job might need a lock to prevent concurrent runs. These issues often don\u2019t appear in happy-path tests but cause serious incidents.<\/p>\n\n <h3>5. Observability Ensures You Can Debug What You Ship<\/h3>\n <p><strong>WHY IT WORKS:<\/strong> Even good code fails sometimes. Without logs, metrics, and traces, incidents become expensive investigations. Reviewing observability ensures the PR includes structured logging for failures, meaningful metrics (latency, error rate), and trace context for distributed flows. This is a reliability multiplier: it reduces mean time to detect and resolve issues. Observability is often skipped in feature-focused PRs; making it a review section improves operational maturity.<\/p>\n <p><strong>EXAMPLE:<\/strong> If a new endpoint calls an external service, include metrics: external call latency, timeout count, retry count. Add logs with request ids. Add trace spans. When the provider slows down, you\u2019ll know quickly. Teams that enforce observability in PRs respond faster to incidents and avoid \u201cwe don\u2019t know what happened\u201d crises.<\/p>\n\n <h3>6. Suggested Patch Snippets Convert Critique Into Momentum<\/h3>\n <p><strong>WHY IT WORKS:<\/strong> Reviews can stall when feedback is high-level (\u201chandle errors better\u201d). Providing patch snippets or pseudocode accelerates resolution and reduces misunderstanding. It also increases review quality: the reviewer must think through implementation. While reviewers shouldn\u2019t do the author\u2019s job, small snippets are effective for common patterns (input validation, safe SQL, retry backoff). This reduces review cycles and improves team velocity.<\/p>\n <p><strong>EXAMPLE:<\/strong> Instead of \u201cadd input validation,\u201d provide a snippet using pydantic schema with constraints. Instead of \u201cavoid SQL injection,\u201d show parameterized query. Instead of \u201cadd idempotency,\u201d suggest a unique index and early return. These concrete suggestions turn a review from a critique into a collaboration.<\/p>\n\n <div class=\"section-title-container\"><h2 class=\"section-title\">Example Output Preview<\/h2><\/div>\n <div class=\"example-output\">\n <h4>Sample: PR Review Summary (Realistic)<\/h4>\n <p><strong>PR:<\/strong> \u201cAdd webhook endpoint for payment provider callbacks.\u201d<\/p>\n <p><strong>Decision:<\/strong> Request Changes.<\/p>\n <p><strong>P0 Must-Fix:<\/strong> No signature verification \u2192 auth bypass; webhook retries can double-apply payment; missing timeout handling on downstream DB call.<\/p>\n <p><strong>P1 Should-Fix:<\/strong> Add structured logs with request id; add metric payment_webhook_processed_total; add integration test with retry scenario.<\/p>\n <p><strong>P2 Nice-to-Have:<\/strong> Rename variable \u2018data\u2019 to \u2018event\u2019; add docstring.<\/p>\n <p><strong>Suggested Patch:<\/strong> add HMAC verification middleware; enforce idempotency key with unique constraint; return 2xx on duplicate events.<\/p>\n <\/div>\n\n <div class=\"section-title-container\"><h2 class=\"section-title\">Prompt Chain Strategy<\/h2><\/div>\n <div class=\"chain-step\"><h4>Step 1: Review the PR<\/h4><p><strong>Prompt:<\/strong> Use the main Automated Code Review prompt with the diff.<\/p><p><strong>Expected Output:<\/strong> P0\/P1\/P2 feedback + patches + merge checklist.<\/p><\/div>\n <div class=\"chain-step\"><h4>Step 2: Turn Must-Fix Into Tests<\/h4><p><strong>Prompt:<\/strong> \u201cWrite tests that reproduce each P0 issue and then pass after fixes.\u201d<\/p><p><strong>Expected Output:<\/strong> A concrete test suite that enforces review findings.<\/p><\/div>\n <div class=\"chain-step\"><h4>Step 3: Rollout and Monitoring Plan (High Risk)<\/h4><p><strong>Prompt:<\/strong> \u201cCreate rollout steps, feature flags, dashboards, and alert thresholds for this change.\u201d<\/p><p><strong>Expected Output:<\/strong> Safe deployment plan.<\/p><\/div>\n\n <div class=\"section-title-container\"><h2 class=\"section-title\">Human-in-the-Loop Refinements<\/h2><\/div>\n <h3>Require a \u201cRisk Level\u201d Field in Every PR<\/h3>\n <p>Risk drives rigor. <strong>Technique:<\/strong> low\/med\/high with required checks per level.<\/p>\n <h3>Use a PR Checklist Template<\/h3>\n <p>Prevent omissions. <strong>Technique:<\/strong> tests, docs, observability, rollback plan.<\/p>\n <h3>Run a Security Checklist for External-Facing Endpoints<\/h3>\n <p>Focus on auth, validation, secrets. <strong>Technique:<\/strong> include signature verification and rate limiting.<\/p>\n <h3>Ask for Load\/Perf Evidence When Complexity Changes<\/h3>\n <p>Prevent regressions. <strong>Technique:<\/strong> benchmark or add metrics.<\/p>\n <h3>Enforce \u201cNo P0 Without Test\u201d<\/h3>\n <p>If it\u2019s a real bug, it should be testable. <strong>Technique:<\/strong> require reproduction tests.<\/p>\n <h3>Rotate Reviewers to Avoid Blind Spots<\/h3>\n <p>Fresh eyes catch issues. <strong>Technique:<\/strong> cross-team review for critical modules.<\/p>\n\n <div class=\"footer\">\n <div class=\"footer-stat\"><div class=\"footer-stat-value\">4.9\u2605<\/div><div class=\"footer-stat-label\">Average Rating<\/div><\/div>\n <div class=\"footer-stat\"><div class=\"footer-stat-value\">2,687<\/div><div class=\"footer-stat-label\">Times Copied<\/div><\/div>\n <div class=\"footer-stat\"><div class=\"footer-stat-value\">221<\/div><div class=\"footer-stat-label\">Reviews<\/div><\/div>\n <\/div>\n <\/div>\n <\/div>\n <\/div>\n\n <script>\n function copyPrompt(){\n const promptContent=document.getElementById('promptContent').innerText;\n navigator.clipboard.writeText(promptContent).then(()=>{\n const button=document.querySelector('.copy-button');\n const originalText=button.innerHTML;\n button.innerHTML='\u2713 Copied!';\n setTimeout(()=>{button.innerHTML=originalText;},2000);\n }).catch(err=>console.error('Failed to copy text: ',err));\n }\n <\/script>\n<\/body>\n<\/html>\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>","protected":false},"excerpt":{"rendered":"<p>Automated Code Review Prompts – AiPro Institute\u2122 Automated Code Review Prompts Automated Code Review Prompts Problem Solving & Analysis \u23f1\ufe0f 20-35 minutes\ud83d\udcca Advanced ChatGPTClaudeGeminiPerplexityGrok The Prompt \ud83d\udccb Copy Prompt You are a senior engineer performing a code review. Review the change below and produce an actionable PR review. [PR_TITLE] [CONTEXT] (what this PR is supposed…<\/p>","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[173],"tags":[],"class_list":["post-5648","post","type-post","status-publish","format-standard","hentry","category-problem-solving-analysis"],"acf":[],"_links":{"self":[{"href":"https:\/\/teen.aiproinstitute.com\/zh\/wp-json\/wp\/v2\/posts\/5648","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/teen.aiproinstitute.com\/zh\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/teen.aiproinstitute.com\/zh\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/teen.aiproinstitute.com\/zh\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/teen.aiproinstitute.com\/zh\/wp-json\/wp\/v2\/comments?post=5648"}],"version-history":[{"count":4,"href":"https:\/\/teen.aiproinstitute.com\/zh\/wp-json\/wp\/v2\/posts\/5648\/revisions"}],"predecessor-version":[{"id":5698,"href":"https:\/\/teen.aiproinstitute.com\/zh\/wp-json\/wp\/v2\/posts\/5648\/revisions\/5698"}],"wp:attachment":[{"href":"https:\/\/teen.aiproinstitute.com\/zh\/wp-json\/wp\/v2\/media?parent=5648"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/teen.aiproinstitute.com\/zh\/wp-json\/wp\/v2\/categories?post=5648"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/teen.aiproinstitute.com\/zh\/wp-json\/wp\/v2\/tags?post=5648"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

\n\t\t\t\t\t\t

\n\t\t\t\t\t

\n\t\t\t

\n\t\t\t\t\t\t

\n\t\t\t\t\t\n\n\n \n \n Automated Code Review Prompts - AiPro Institute\u2122<\/title>\n <style>\n *{margin:0;padding:0;box-sizing:border-box}\n body{font-family:-apple-system,BlinkMacSystemFont,'Segoe UI',Roboto,'Helvetica Neue',Arial,sans-serif;line-height:1.6;color:#333;background:#fff;padding:2rem 1rem}\n .container{max-width:900px;margin:0 auto}\n .page-title{text-align:center;font-size:2.5rem;font-weight:700;background:linear-gradient(135deg,#667eea 0%,#764ba2 100%);-webkit-background-clip:text;-webkit-text-fill-color:transparent;background-clip:text;margin-bottom:2rem}\n .card{background:#fff;border-radius:12px;box-shadow:0 4px 6px rgba(0,0,0,.1);overflow:hidden;margin-bottom:2rem}\n .card-header{background:linear-gradient(135deg,#667eea 0%,#764ba2 100%);color:#fff;padding:2rem}\n .card-header h1{font-size:2rem;margin-bottom:.5rem}\n .card-header .subtitle{font-size:1.1rem;opacity:.95}\n .meta-badges,.tool-badges{display:flex;gap:.75rem;margin-top:1rem;flex-wrap:wrap}\n .badge{background:rgba(255,255,255,.2);padding:.4rem .9rem;border-radius:20px;font-size:.9rem;backdrop-filter:blur(10px)}\n .tool-badge{background:transparent;border:1px solid rgba(255,255,255,.4);padding:.4rem .9rem;border-radius:20px;font-size:.85rem}\n .card-body{padding:2.5rem}\n .section-title-container{display:flex;justify-content:space-between;align-items:center;margin:2.5rem 0 1.25rem 0}\n .section-title-container:first-child{margin-top:0}\n .section-title{font-size:1.75rem;color:#764ba2;border-left:4px solid #764ba2;padding-left:1rem;margin:0}\n .copy-button{background:linear-gradient(135deg,#667eea 0%,#764ba2 100%);color:#fff;border:none;padding:.6rem 1.5rem;border-radius:6px;cursor:pointer;font-size:.95rem;font-weight:500;transition:opacity .3s}\n .copy-button:hover{opacity:.9}\n .prompt-box{background:#f8f9fa;border:1px solid #dee2e6;border-radius:8px;padding:1.5rem;margin:1.25rem 0;font-family:'Courier New',monospace;font-size:.95rem;line-height:1.6;white-space:pre-wrap;overflow-x:auto}\n .placeholder{color:#fd7e14;font-weight:bold}\n .tip-box{background:#fff9e6;border-left:4px solid #ffc107;padding:1.25rem;margin:1.25rem 0;border-radius:4px}\n .tip-box strong{color:#f57c00}\n h3{color:#764ba2;font-size:1.35rem;margin:2rem 0 1rem 0}\n p{margin-bottom:1rem;line-height:1.8}\n ul,ol{margin-left:2rem;margin-bottom:1rem}\n li{margin-bottom:.5rem;line-height:1.8}\n .example-output{background:#f0f8ff;border:2px solid #4a90e2;border-radius:8px;padding:1.5rem;margin:1.25rem 0}\n .example-output h4{color:#4a90e2;margin-bottom:1rem}\n .chain-step{background:#f8f9fa;border-left:4px solid #667eea;padding:1.5rem;margin:1.5rem 0;border-radius:4px}\n .chain-step h4{color:#667eea;margin-bottom:.75rem}\n .footer{background:#f8f9fa;padding:2rem;margin-top:2rem;border-radius:8px;display:flex;justify-content:space-around;align-items:center;flex-wrap:wrap;gap:1.5rem}\n .footer-stat{text-align:center}\n .footer-stat-value{font-size:1.75rem;font-weight:700;color:#764ba2}\n .footer-stat-label{color:#666;font-size:.95rem}\n @media (max-width:768px){.page-title{font-size:1.75rem}.card-header h1{font-size:1.5rem}.card-body{padding:1.5rem}.section-title{font-size:1.35rem}.section-title-container{flex-direction:column;align-items:flex-start;gap:1rem}.footer{flex-direction:column}}\n <\/style>\n<\/head>\n<body>\n <div class=\"container\">\n <h1 class=\"page-title\">Automated Code Review Prompts<\/h1>\n\n <div class=\"card\">\n <div class=\"card-header\">\n <h1>Automated Code Review Prompts<\/h1>\n <p class=\"subtitle\">Problem Solving & Analysis<\/p>\n <div class=\"meta-badges\"><span class=\"badge\">\u23f1\ufe0f 20-35 minutes<\/span><span class=\"badge\">\ud83d\udcca Advanced<\/span><\/div>\n <div class=\"tool-badges\"><span class=\"tool-badge\">ChatGPT<\/span><span class=\"tool-badge\">Claude<\/span><span class=\"tool-badge\">Gemini<\/span><span class=\"tool-badge\">Perplexity<\/span><span class=\"tool-badge\">Grok<\/span><\/div>\n <\/div>\n\n <div class=\"card-body\">\n <div class=\"section-title-container\"><h2 class=\"section-title\">The Prompt<\/h2><button class=\"copy-button\" onclick=\"copyPrompt()\">\ud83d\udccb Copy Prompt<\/button><\/div>\n\n <div class=\"prompt-box\" id=\"promptContent\">You are a senior engineer performing a code review. Review the change below and produce an actionable PR review.\n\n<span class=\"placeholder\">[PR_TITLE]<\/span>\n\n<span class=\"placeholder\">[CONTEXT]<\/span> (what this PR is supposed to do, constraints)\n\n<span class=\"placeholder\">[DIFF_OR_CODE]<\/span> (paste diff, files changed, or key snippets)\n\n<span class=\"placeholder\">[LANGUAGE_STACK]<\/span> (e.g., Python + FastAPI, Node + Express, Java + Spring)\n\n<span class=\"placeholder\">[RISK_LEVEL]<\/span> (e.g., low, medium, high)\n\nUse the R.E.V.I.E.W. Framework:\n\n**R - Requirements**: does it meet acceptance criteria?\n**E - Edge cases**: inputs, error paths, concurrency\n**V - Vulnerabilities**: injection, secrets, auth, data leaks\n**I - Integrity**: correctness, idempotency, consistency\n**E - Efficiency**: complexity, N+1, caching, perf\n**W - Writeability**: readability, tests, maintainability\n\nDELIVER 12 SECTIONS:\n\n\u2713 1) Summary (what changed)\n\u2713 2) Approval Recommendation (Approve \/ Request Changes \/ Block)\n\u2713 3) Must-Fix Issues (P0)\n\u2713 4) Should-Fix Improvements (P1)\n\u2713 5) Nice-to-Have (P2)\n\u2713 6) Correctness Risks\n\u2713 7) Security Risks\n\u2713 8) Performance Risks\n\u2713 9) Testing Gaps (unit\/integration)\n\u2713 10) Observability (logs\/metrics\/traces)\n\u2713 11) Suggested Patch Snippets (where possible)\n\u2713 12) Merge Checklist\n\nRULES:\n- Be specific: point to exact code lines\/snippets\n- Suggest tests that would fail before and pass after\n- If risk is high, require a rollout plan and monitoring\n<\/div>\n\n <div class=\"tip-box\"><strong>\ud83d\udca1 Pro Tip:<\/strong> The best code review comments are testable. If you can\u2019t describe a failing test case for an issue, it\u2019s probably a preference, not a bug.<\/div>\n\n <div class=\"section-title-container\"><h2 class=\"section-title\">The Logic<\/h2><\/div>\n\n <h3>1. Separating P0\/P1\/P2 Keeps Reviews Focused and Reduces Conflict<\/h3>\n <p><strong>WHY IT WORKS:<\/strong> Reviews fail when everything is treated equally. Categorizing feedback into Must-Fix (blocking), Should-Fix, and Nice-to-Have prevents bikeshedding and accelerates merges. It also reduces emotional conflict: authors can accept optional suggestions without feeling forced. This creates a predictable review culture where \u201cRequest Changes\u201d has a clear meaning. Teams using priority buckets see fewer review cycles because authors fix the true blockers first.<\/p>\n <p><strong>EXAMPLE:<\/strong> A missing input validation that can crash production is P0. Renaming a variable is P2. Without this, reviewers may spend 30% of time on style debates while missing a race condition. Priority buckets ensure the PR improves safety and correctness without turning into a perfection contest.<\/p>\n\n <h3>2. Requirement Checks Prevent \u201cCorrect Code That Solves the Wrong Problem\u201d<\/h3>\n <p><strong>WHY IT WORKS:<\/strong> Many PRs pass tests but violate product requirements: incorrect edge behavior, missing constraints, incomplete acceptance criteria. A review that starts from requirements (what should change) catches mismatches early. This also avoids future rework: you don\u2019t merge a technically correct implementation that misses business expectations. Anchoring on requirements makes feedback objective and reduces subjective debate.<\/p>\n <p><strong>EXAMPLE:<\/strong> A PR claims to \u201cadd pagination\u201d but returns inconsistent ordering, causing users to see duplicates. The code might be correct locally but fails requirement \u201cstable pagination.\u201d A requirements-first review catches this and asks for sorting and cursor-based pagination. This prevents production incidents.<\/p>\n\n <h3>3. Security Lens Finds High-Impact Issues That Tests Often Miss<\/h3>\n <p><strong>WHY IT WORKS:<\/strong> Unit tests rarely cover adversarial inputs: SQL injection, path traversal, SSRF, auth bypass, secret leakage. A structured security review ensures these checks happen consistently. This is crucial because security defects can be catastrophic even if rare. Including security in every review builds a defensive engineering culture and reduces \u201csecurity as an afterthought.\u201d<\/p>\n <p><strong>EXAMPLE:<\/strong> If code builds SQL with string concatenation, that\u2019s a P0 injection risk even if tests pass. If logs include tokens, that\u2019s a secret leak risk. If request handlers lack auth checks, that\u2019s authorization bypass. These are not \u201cstyle\u201d; they are production-grade risks that a formal review must catch.<\/p>\n\n <h3>4. Correctness Checks Focus on Edge Cases and Concurrency<\/h3>\n <p><strong>WHY IT WORKS:<\/strong> Most production bugs come from edge cases: nulls, retries, timeouts, concurrency, partial failures. Code reviews that explicitly inspect these paths catch bugs before release. This also guides better tests: reviewers can request targeted cases that reproduce failures. For distributed systems, idempotency and retries are common blind spots\u2014reviews must surface them.<\/p>\n <p><strong>EXAMPLE:<\/strong> Payment webhook handler must be idempotent because providers retry. A review might require a deduplication key and DB constraint to prevent double charges. Or a background job might need a lock to prevent concurrent runs. These issues often don\u2019t appear in happy-path tests but cause serious incidents.<\/p>\n\n <h3>5. Observability Ensures You Can Debug What You Ship<\/h3>\n <p><strong>WHY IT WORKS:<\/strong> Even good code fails sometimes. Without logs, metrics, and traces, incidents become expensive investigations. Reviewing observability ensures the PR includes structured logging for failures, meaningful metrics (latency, error rate), and trace context for distributed flows. This is a reliability multiplier: it reduces mean time to detect and resolve issues. Observability is often skipped in feature-focused PRs; making it a review section improves operational maturity.<\/p>\n <p><strong>EXAMPLE:<\/strong> If a new endpoint calls an external service, include metrics: external call latency, timeout count, retry count. Add logs with request ids. Add trace spans. When the provider slows down, you\u2019ll know quickly. Teams that enforce observability in PRs respond faster to incidents and avoid \u201cwe don\u2019t know what happened\u201d crises.<\/p>\n\n <h3>6. Suggested Patch Snippets Convert Critique Into Momentum<\/h3>\n <p><strong>WHY IT WORKS:<\/strong> Reviews can stall when feedback is high-level (\u201chandle errors better\u201d). Providing patch snippets or pseudocode accelerates resolution and reduces misunderstanding. It also increases review quality: the reviewer must think through implementation. While reviewers shouldn\u2019t do the author\u2019s job, small snippets are effective for common patterns (input validation, safe SQL, retry backoff). This reduces review cycles and improves team velocity.<\/p>\n <p><strong>EXAMPLE:<\/strong> Instead of \u201cadd input validation,\u201d provide a snippet using pydantic schema with constraints. Instead of \u201cavoid SQL injection,\u201d show parameterized query. Instead of \u201cadd idempotency,\u201d suggest a unique index and early return. These concrete suggestions turn a review from a critique into a collaboration.<\/p>\n\n <div class=\"section-title-container\"><h2 class=\"section-title\">Example Output Preview<\/h2><\/div>\n <div class=\"example-output\">\n <h4>Sample: PR Review Summary (Realistic)<\/h4>\n <p><strong>PR:<\/strong> \u201cAdd webhook endpoint for payment provider callbacks.\u201d<\/p>\n <p><strong>Decision:<\/strong> Request Changes.<\/p>\n <p><strong>P0 Must-Fix:<\/strong> No signature verification \u2192 auth bypass; webhook retries can double-apply payment; missing timeout handling on downstream DB call.<\/p>\n <p><strong>P1 Should-Fix:<\/strong> Add structured logs with request id; add metric payment_webhook_processed_total; add integration test with retry scenario.<\/p>\n <p><strong>P2 Nice-to-Have:<\/strong> Rename variable \u2018data\u2019 to \u2018event\u2019; add docstring.<\/p>\n <p><strong>Suggested Patch:<\/strong> add HMAC verification middleware; enforce idempotency key with unique constraint; return 2xx on duplicate events.<\/p>\n <\/div>\n\n <div class=\"section-title-container\"><h2 class=\"section-title\">Prompt Chain Strategy<\/h2><\/div>\n <div class=\"chain-step\"><h4>Step 1: Review the PR<\/h4><p><strong>Prompt:<\/strong> Use the main Automated Code Review prompt with the diff.<\/p><p><strong>Expected Output:<\/strong> P0\/P1\/P2 feedback + patches + merge checklist.<\/p><\/div>\n <div class=\"chain-step\"><h4>Step 2: Turn Must-Fix Into Tests<\/h4><p><strong>Prompt:<\/strong> \u201cWrite tests that reproduce each P0 issue and then pass after fixes.\u201d<\/p><p><strong>Expected Output:<\/strong> A concrete test suite that enforces review findings.<\/p><\/div>\n <div class=\"chain-step\"><h4>Step 3: Rollout and Monitoring Plan (High Risk)<\/h4><p><strong>Prompt:<\/strong> \u201cCreate rollout steps, feature flags, dashboards, and alert thresholds for this change.\u201d<\/p><p><strong>Expected Output:<\/strong> Safe deployment plan.<\/p><\/div>\n\n <div class=\"section-title-container\"><h2 class=\"section-title\">Human-in-the-Loop Refinements<\/h2><\/div>\n <h3>Require a \u201cRisk Level\u201d Field in Every PR<\/h3>\n <p>Risk drives rigor. <strong>Technique:<\/strong> low\/med\/high with required checks per level.<\/p>\n <h3>Use a PR Checklist Template<\/h3>\n <p>Prevent omissions. <strong>Technique:<\/strong> tests, docs, observability, rollback plan.<\/p>\n <h3>Run a Security Checklist for External-Facing Endpoints<\/h3>\n <p>Focus on auth, validation, secrets. <strong>Technique:<\/strong> include signature verification and rate limiting.<\/p>\n <h3>Ask for Load\/Perf Evidence When Complexity Changes<\/h3>\n <p>Prevent regressions. <strong>Technique:<\/strong> benchmark or add metrics.<\/p>\n <h3>Enforce \u201cNo P0 Without Test\u201d<\/h3>\n <p>If it\u2019s a real bug, it should be testable. <strong>Technique:<\/strong> require reproduction tests.<\/p>\n <h3>Rotate Reviewers to Avoid Blind Spots<\/h3>\n <p>Fresh eyes catch issues. <strong>Technique:<\/strong> cross-team review for critical modules.<\/p>\n\n <div class=\"footer\">\n <div class=\"footer-stat\"><div class=\"footer-stat-value\">4.9\u2605<\/div><div class=\"footer-stat-label\">Average Rating<\/div><\/div>\n <div class=\"footer-stat\"><div class=\"footer-stat-value\">2,687<\/div><div class=\"footer-stat-label\">Times Copied<\/div><\/div>\n <div class=\"footer-stat\"><div class=\"footer-stat-value\">221<\/div><div class=\"footer-stat-label\">Reviews<\/div><\/div>\n <\/div>\n <\/div>\n <\/div>\n <\/div>\n\n <script>\n function copyPrompt(){\n const promptContent=document.getElementById('promptContent').innerText;\n navigator.clipboard.writeText(promptContent).then(()=>{\n const button=document.querySelector('.copy-button');\n const originalText=button.innerHTML;\n button.innerHTML='\u2713 Copied!';\n setTimeout(()=>{button.innerHTML=originalText;},2000);\n }).catch(err=>console.error('Failed to copy text: ',err));\n }\n <\/script>\n<\/body>\n<\/html>\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>","protected":false},"excerpt":{"rendered":"<p>Automated Code Review Prompts – AiPro Institute\u2122 Automated Code Review Prompts Automated Code Review Prompts Problem Solving & Analysis \u23f1\ufe0f 20-35 minutes\ud83d\udcca Advanced ChatGPTClaudeGeminiPerplexityGrok The Prompt \ud83d\udccb Copy Prompt You are a senior engineer performing a code review. Review the change below and produce an actionable PR review. [PR_TITLE] [CONTEXT] (what this PR is supposed…<\/p>","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[173],"tags":[],"class_list":["post-5648","post","type-post","status-publish","format-standard","hentry","category-problem-solving-analysis"],"acf":[],"_links":{"self":[{"href":"https:\/\/teen.aiproinstitute.com\/zh\/wp-json\/wp\/v2\/posts\/5648","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/teen.aiproinstitute.com\/zh\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/teen.aiproinstitute.com\/zh\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/teen.aiproinstitute.com\/zh\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/teen.aiproinstitute.com\/zh\/wp-json\/wp\/v2\/comments?post=5648"}],"version-history":[{"count":4,"href":"https:\/\/teen.aiproinstitute.com\/zh\/wp-json\/wp\/v2\/posts\/5648\/revisions"}],"predecessor-version":[{"id":5698,"href":"https:\/\/teen.aiproinstitute.com\/zh\/wp-json\/wp\/v2\/posts\/5648\/revisions\/5698"}],"wp:attachment":[{"href":"https:\/\/teen.aiproinstitute.com\/zh\/wp-json\/wp\/v2\/media?parent=5648"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/teen.aiproinstitute.com\/zh\/wp-json\/wp\/v2\/categories?post=5648"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/teen.aiproinstitute.com\/zh\/wp-json\/wp\/v2\/tags?post=5648"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}