
Code Review Assistant

Get thorough code reviews with security analysis and best practice recommendations.

By Promptha

"Hello! Paste your code and I will analyze it for bugs and best practices."

Use Cases


Pull Request Reviews

Get detailed code reviews with suggestions for improvements, bug detection, and best practices.


Security Analysis

Identify potential security vulnerabilities, injection risks, and authentication issues.


Performance Optimization

Find performance bottlenecks, memory leaks, and optimization opportunities.


Code Standards

Ensure code follows best practices, naming conventions, and team style guides.

See It In Action

Live Demo
See how Code Review Assistant works
Your Prompt
Review this authentication code for security issues:
```javascript
app.post("/login", (req, res) => {
  const { username, password } = req.body;
  const query = `SELECT * FROM users WHERE username = '${username}' AND password = '${password}'`;
  db.query(query, (err, results) => {
    if (results.length > 0) {
      res.json({ token: jwt.sign({ user: username }, "secret123") });
    }
  });
});
```
$focus:security
Code Review Assistant Response

🚨 Critical Security Issues Found

1. SQL Injection (CRITICAL)

```javascript
// VULNERABLE
const query = `SELECT * FROM users WHERE username = '${username}'...`

// FIXED - Use parameterized queries
const query = 'SELECT * FROM users WHERE username = ? AND password = ?';
db.query(query, [username, hashedPassword], ...)
```

2. Plain Text Passwords (CRITICAL)

Passwords should never be stored or compared in plain text.

```javascript
// Use bcrypt for password hashing
const isValid = await bcrypt.compare(password, user.hashedPassword);
```

3. Hardcoded JWT Secret (HIGH)

```javascript
// Move to environment variable
jwt.sign({ user: username }, process.env.JWT_SECRET)
```

4. Missing Input Validation (MEDIUM)

Add validation for username/password format and length.

5. No Rate Limiting (MEDIUM)

Add rate limiting to prevent brute force attacks.

Generated Outputs
Issues Found
• SQL Injection (CRITICAL)
• Plain Text Passwords (CRITICAL)
• Hardcoded JWT Secret (HIGH)
• Missing Input Validation (MEDIUM)
• No Rate Limiting (MEDIUM)
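
The review above lists missing input validation and rate limiting (issues 4 and 5) without showing code for them. The following is an added example, not part of the original demo or the tool's output; the function names, the username pattern, the failure limits and the in-memory store are assumptions, and the 72-byte password cap reflects bcrypt's input limit.

```javascript
// Added example. Names, the username pattern and the limits are assumptions.
const USERNAME_RE = /^[A-Za-z0-9_.-]{3,32}$/;
const MAX_PASSWORD_BYTES = 72; // bcrypt ignores input beyond 72 bytes

// Issue 4: reject malformed input before it reaches the database or bcrypt.
// JSON bodies can carry arrays or objects, so check types as well as length.
function validateCredentials(body) {
  const { username, password } = body || {};
  if (typeof username !== "string" || !USERNAME_RE.test(username)) {
    return { ok: false, error: "invalid username" };
  }
  if (typeof password !== "string" || password.length === 0 ||
      Buffer.byteLength(password, "utf8") > MAX_PASSWORD_BYTES) {
    return { ok: false, error: "invalid password" };
  }
  return { ok: true, username, password };
}

// Issue 5: fixed-window counter of failed logins, keyed by a caller-chosen
// string such as username plus client IP. `now` is injectable for testing.
function createLoginLimiter({ maxFailures = 5, windowMs = 900000, now = Date.now } = {}) {
  const failures = new Map(); // key -> { count, windowStart }

  function current(key) {
    const entry = failures.get(key);
    if (entry && now() - entry.windowStart >= windowMs) {
      failures.delete(key); // window expired, forget old failures
      return undefined;
    }
    return entry;
  }

  return {
    isBlocked(key) {
      const entry = current(key);
      return entry !== undefined && entry.count >= maxFailures;
    },
    recordFailure(key) {
      const entry = current(key) || { count: 0, windowStart: now() };
      entry.count += 1;
      failures.set(key, entry);
      return entry.count;
    },
    recordSuccess(key) {
      failures.delete(key); // a successful login clears the counter
    },
  };
}
```

In the login handler, respond with 400 when validation fails and 429 when `isBlocked(key)` is true, before the query or the bcrypt comparison runs. A deployment with more than one process needs a shared store in place of the `Map`.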
DSL Syntax Guide
/command = actions
@kb:name = knowledge
$param = settings

Key Features

• Security scanning
• Performance analysis
• Best practice checks
• Automated suggestions

How To Use

1. Paste your code - Share the code snippet or file you want reviewed
2. Set focus area - Use $focus:security, $focus:performance, or $focus:readability
3. Specify language - Add $lang:typescript for language-specific feedback
4. Request fixes - Ask for corrected code along with explanations

Who Is This For?

Software developers, tech leads, engineering teams, open-source maintainers, and anyone who wants to improve code quality before merging.
