Secure Coding AI Prompts

580+ prompt topics across 1,200+ model-tuned variants, empowering your AI to produce secure code. AI does not write secure code unless you make it!

Claude Opus 4.6 • GPT 5.3 Codex • Gemini 3.1 Pro • Grok 4.1 • GitHub Copilot

Security Prompt Library

Backend Frameworks

  • .NET (ASP.NET Core, Entity Framework)
  • Elixir (Phoenix)
  • Go (Core, Echo, Gin)
  • GraphQL
  • gRPC
  • Java (Core, Spring Boot, MVC, Hibernate)
  • Message Brokers (Kafka, RabbitMQ)
  • Node.js (Express, NestJS, Next.js, Fastify)
  • PHP (Core, Laravel, Symfony)
  • Python (Core, Flask, FastAPI, SQLAlchemy, PySpark)
  • Ruby (Rails, Sinatra)
  • Rust (Core, Axum, Actix Web, Async Runtime)
  • Scala (Play, Akka)
  • ServiceNow
  • Swift (Vapor)
  • Unity

Client-Side Frameworks

  • Alpine.js
  • Angular
  • Astro
  • Deno Fresh
  • Ember.js
  • Flutter (Desktop)
  • HTMX
  • JavaScript
  • jQuery
  • Lit
  • Next.js
  • Preact
  • Qwik
  • React (JS, TS, Redux)
  • SolidJS
  • Svelte
  • TypeScript
  • Vue.js

Web & API Security

  • API Security
  • Content Security Policy (CSP)
  • CORS
  • CSRF Prevention
  • Database Encryption
  • File Upload Security
  • JWT Security
  • SQL Injection Prevention
  • SSRF Prevention
  • WebSocket Security
  • XSS Prevention
  • XXE Prevention

Authorization

  • ABAC Architect
  • Casbin
  • Cedar Policy (AWS)
  • Open Policy Agent (OPA)
  • OpenFGA
  • RBAC Architect
  • ReBAC Architect
  • SpiceDB

Database Security

  • SQL Query Security
  • PostgreSQL
  • MySQL
  • Oracle PL/SQL
  • T-SQL (SQL Server)
  • MongoDB
  • Redis
  • Cassandra
  • Elasticsearch
  • Database Administrator
  • Schema & Migration Security
  • Database Security Architect

Mobile

  • Android
  • iOS (Swift)
  • React Native
  • Flutter
  • Kotlin Multiplatform
  • Electron Desktop
  • Mobile Supply Chain & Release
  • Mobile Data Protection & Privacy

Infrastructure & DevSecOps

  • Ansible
  • AWS CloudFormation
  • CI/CD Pipelines
  • Docker
  • GitHub Actions
  • GitLab CI
  • Kubernetes
  • Monitoring & Observability
  • Nginx
  • OAuth2 / OIDC
  • Pulumi
  • Terraform

Secrets Management

  • HashiCorp Vault
  • AWS Secrets Manager / KMS
  • Azure Key Vault
  • GCP Secret Manager / Cloud KMS
  • Kubernetes Secrets
  • Kubernetes External Secrets Operator (ESO)
  • 1Password Secrets Automation
  • CyberArk Conjur
  • Docker Secrets
  • Doppler
  • GitHub Actions Secrets
  • Infisical
  • Mozilla SOPS
  • Vercel Secrets

Cloud & Serverless

  • AWS Lambda
  • Azure Functions
  • GCP Cloud Functions

Security Testing

  • Secure Testing
  • Penetration Testing
  • Fuzz Testing

Compliance & Governance

  • SOC 2
  • PCI DSS 4.0.1
  • ISO/IEC 27001:2022
  • ISO/IEC 42001:2023 (AI)
  • EU AI Act
  • HIPAA Security Rule
  • GDPR
  • NIST CSF 2.0
  • FedRAMP Rev 5
  • CMMC 2.0
  • NIST SP 800-171 Rev 3
  • CCPA / CPRA
  • DORA
  • NIS2 Directive
  • ISO/IEC 27701:2019
  • SOX IT Controls
  • GLBA Safeguards Rule
  • FERPA
  • COPPA
  • HITRUST CSF v11
  • CIS Controls v8.1
  • NIST AI RMF 1.0

Threat Modeling

  • Threat Model Interview (General)
  • API Threat Modeling with STRIDE
  • FMEA Threat Modeling
  • Threat Model Diagram Generator
  • PlantUML Diagram Generator
  • Repository Threat Reconnaissance

AI Coding Requirements

  • Spec Template & Overview
  • Drift Guard Policy
  • Architectural Decision Record
  • Context Curator
  • Scope Cutter
  • Constraint Distiller
  • Requirements Engineer
  • Ambiguity Hunter
  • Security Engineer
  • Contract Architect
  • Verification Matrix Builder
  • Batch Planner
  • Final Gate Reviewer

Secure AI & LLM Development

  • Secure AI Agent & Orchestration Developer
  • Secure LLM API Integration Developer
  • Secure Embedding & Vector Store Developer
  • Secure RAG Pipeline Developer
  • Secure MCP Builder
  • Secure MCP Tool & Resource Developer
  • Secure MCP Auth & Authorization
  • AI Threat Classification
  • AI Safety Researcher
  • Prompt Injection Defense Specialist
  • AI Output Validation & Sanitization

AI Content & Security Guards

  • RAG Query Input Guard
  • Retrieved Document Guard
  • Indirect Prompt Injection Detector
  • Context Relevance & Coherence Checker
  • PII & Confidentiality Guard
  • Output Response Guard
  • Hallucination & Groundedness Checker
  • Citation & Attribution Verifier
  • Training Data Input Validation
  • Content Quality & Relevance Filter
  • Safety, Ethics & Bias Filter
  • Data Poisoning Detection
  • PII & Sensitive Data Scrubber
  • Copyright & IP Compliance
  • Label & Annotation Validation
  • Human Reviewer Guide
  • NLP Security Guardrail
  • DoS & Performance Guard
  • 26 Domain-Specific Guards (Airline, Agriculture, Automotive, Banking, Cryptocurrency, E-Commerce, Education, Energy, FinTech, Gaming, Government, Healthcare, Hospitality, HR, Immigration, Insurance, Legal, Manufacturing, Media, Military, Nonprofit, Pharmaceutical, Real Estate, Supply Chain, Telecommunications, Child Safety)

Systems, Embedded & IoT

  • C Developer
  • C++ Developer
  • Embedded C Security
  • FreeRTOS
  • Zephyr RTOS
  • Embedded Linux
  • IoT Protocol Security
  • IoT Cloud Security
  • Firmware Vulnerability Analysis

WebAssembly (WASM)

  • Browser WASM Security
  • Server-Side WASM Security
  • WASM Cryptography
  • WASM Supply Chain Security
  • WASM Memory Safety

Incident Response

  • AWS Cloud Incident Responder
  • Azure Cloud Incident Responder
  • GCP Cloud Incident Responder
  • Digital Forensics Investigator
  • Malware Triage Analyst
  • Insider Threat Investigator
  • Supply Chain Compromise Investigator
  • Incident Commander
  • Ransomware Response Specialist
  • Threat Hunter
  • Data Breach Response Coordinator
  • Business Continuity Coordinator
  • Incident Communications Officer
  • Legal & Regulatory Advisor
  • OT & ICS Incident Responder

Code Quality & Prompt Engineering

  • General Code Quality
  • Language-Agnostic Secure Coding
  • Codex Task Engineer
  • Prompt Role Creator
  • Role Prompt Creator
  • Secure Coding Prompt Engineer
  • Secure Coding Activation Prompt
  • Threat Modeling Prompt Engineer

Workforce & Professional Roles

  • Security Roles (Defensive, Offensive, Governance)
  • AI & ML Roles (CV, NLP, MLOps, Data Science)
  • Software Engineering (Apple, Systems, Web)
  • Software Dev Practices (API, DevOps, Architecture)
  • Business & Leadership
  • Creative & Content
  • Operations & Strategy
  • Sustainability & Innovation
  • Specialized (Legal, Finance, Emerging Tech)

Why Prompts?

AI struggles to write secure code. Our prompts embed decades of secure-coding wisdom so your cloud or local AI engine produces secure code by default.

  • Web Security
  • Cloud & DevSecOps
  • Mobile Platforms
  • AI & LLM Security

Jim Manico

Jim Manico is the founder of Manicode Security, an OWASP leader and author of "Iron-Clad Java." He's distilled decades of real-world secure-coding expertise into our AI prompt library so your models write robust, vulnerability-free code out of the box.