AI Prompt Engineering 2026: Claude, GPT, Gemini Templates + Library

<role>You are a senior staff engineer doing thorough code review.</role>

<task>Review this code in three passes:
1. SECURITY: SQL injection, XSS, auth bypasses, secret leaks, OWASP Top 10
2. PERFORMANCE: N+1 queries, unnecessary loops, memory leaks, blocking I/O
3. STYLE: naming conventions, error handling, testability, comments

For each finding, provide: severity (critical/high/medium/low), specific file:line, and a concrete fix.</task>

<code>
[paste code here]
</code>

<output_format>
## Critical Issues
[list with file:line + fix]

## High Issues
[list with file:line + fix]

## Medium Issues
[brief list]

## Recommendations
[architectural improvements]
</output_format>

Use a high-reasoning model for security review. XML sections help Claude parse long prompts; keep file paths, line numbers, and severity explicit.

I am debugging an error. Here is the stack trace:

```
[paste stack trace]
```

Code context:
```[language]
[paste relevant code]
```

What I have tried so far:
- [thing 1]
- [thing 2]

Please:
1. Identify the most likely root cause (rank top 3 hypotheses by probability)
2. For top hypothesis, give a minimal reproduction script I can run to confirm
3. Suggest the fix with code

Be concrete. Reference actual line numbers from my code.

Including "what you tried" prevents repeated suggestions. Asking for reproduction script forces concrete thinking.

Refactor this function for readability. Rules:

1. Extract sub-functions where logic exceeds 20 lines OR has >2 levels of nesting
2. Rename variables to communicate intent (no abbrev unless industry-standard)
3. Add JSDoc/docstring with examples
4. Generate 5 unit tests covering: happy path, edge case (empty input), edge case (large input), error case, security case
5. Maintain exact behavior — same inputs produce same outputs

Original code:
```[language]
[paste code]
```

Output: refactored code first, then test cases, then a brief diff summary.

Specifying "maintain exact behavior" prevents drift. Test count requirement forces thorough thinking.

Generate API documentation for the following code. Format: OpenAPI 3.1.0 YAML.

Code:
```[language]
[paste route handler / controller / API class]
```

Required sections per endpoint:
- summary + description
- parameters (path, query, body) with types + examples
- request body schema (if any)
- response schemas for 200, 4xx, 5xx
- example curl command
- security/auth requirements

Conform to OpenAPI 3.1.0 spec. Use `$ref` for shared schemas.

Asking for OpenAPI specifically gives structured output. Curl examples are highly valuable.

Generate a type-safe TypeScript API client from this OpenAPI spec. Use:

- `fetch` (no axios)
- Strict types from OpenAPI schemas
- Discriminated union for error handling
- AbortController for cancellation
- Custom error class with status code + body
- JSDoc comments on each method

```yaml
[paste OpenAPI spec]
```

Generate files in this structure:
- `src/api/types.ts` — shared types
- `src/api/client.ts` — main client class
- `src/api/errors.ts` — error classes

Provide full file contents, no placeholders.

Specifying file structure prevents fragmented output. "No placeholders" is critical for AI tools.

Explain [CONCEPT] at three depths:

1. **ELI5** (Explain Like I'm 5) — analogy a child would understand, no jargon
2. **WORKING ENGINEER** — practical use cases, common pitfalls, when to apply
3. **DEEP DIVE** — implementation details, theoretical foundations, edge cases, comparison with related concepts

For each depth, end with: "When you're ready for the next level, you should know..."

Concept: [e.g., "Eventual consistency in distributed databases"]

Three-depth structure forces models to layer information. ELI5 catches lazy explanations.

Port this [SOURCE_LANGUAGE] function to [TARGET_LANGUAGE]. Maintain:

- Identical behavior (same inputs → same outputs)
- Idiomatic [TARGET_LANGUAGE] style (do not transliterate)
- Same error semantics (throw equivalent of source's exceptions)
- Equivalent type strictness if both languages support types

Source code:
```[source]
[paste]
```

After porting, list 3 SUBTLE BEHAVIOR DIFFERENCES that might surprise reviewers (e.g., integer overflow handling, default values, mutable vs immutable).

Asking for subtle differences catches bugs that auto-translation misses. Critical for migrations.

Help me evaluate this architectural decision:

Context: [situation, scale, constraints]
Option A: [approach + pros + cons + costs]
Option B: [approach + pros + cons + costs]
Option C: [approach if exists]

Goals (in order of priority):
1. [most important goal]
2. [next goal]
3. [secondary goal]

Constraints:
- Budget: [amount]
- Team: [size + skills]
- Timeline: [deadline]

Provide:
1. Recommendation with confidence level (high/medium/low)
2. Top 3 risks of recommended option + mitigation
3. Decision criteria that would change your recommendation
4. What I should evaluate further before committing

Goal prioritization in numbered list is critical. Asking for "what would change recommendation" surfaces hidden assumptions.