Comprehensive security audit prompt covering OWASP Top 10 with severity ratings and fixes.
Perform a security audit of this web application. Check for: **Authentication & Authorization:** - Password hashing algorithm (bcrypt/argon2 with proper cost factor) - JWT token expiration and refresh flow - RBAC/ABAC implementation correctness - Session management and invalidation **Input Validation:** - SQL injection vectors in all database queries - XSS vulnerabilities in rendered output - Path traversal in file operations - SSRF in URL handling - Command injection in system calls **Data Protection:** - Sensitive data in logs or error messages - PII handling and encryption at rest - CORS configuration - CSP headers - Cookie security flags (HttpOnly, Secure, SameSite) **Infrastructure:** - Dependency vulnerabilities (npm audit) - Environment variable exposure - Rate limiting on auth endpoints - File upload restrictions For each finding, provide: severity (Critical/High/Medium/Low), location, and fix.
Use with @workspace for full codebase scan. Best with Copilot Agent Mode for automated fixes.
Leverage DeepSeek Coder for complete, production-quality code implementations. Excels at algorithmic problems, system design, and competitive programming.
Structured reasoning framework leveraging DeepSeek R1's advanced thinking capabilities. For complex math, logic, coding, and multi-step analysis problems.
Interpret legal contract clauses step by step with precedent references, statutory analysis, and practical implications.
Perform detailed financial analysis including ratio analysis, trend identification, and comparative benchmarking.
Solve linear algebra problems with step-by-step matrix operations, eigenvalue computation, and vector space analysis.
Given incomplete evidence, use DeepSeek R1 to generate the most likely explanations through abductive reasoning.
Workflows from the Neura Market marketplace related to this DeepSeek resource