The Problem
AI coding assistants generate functional code fast — but they routinely omit security controls. A request for "a login endpoint" produces working code that skips password hashing, has no rate limiting, stores sessions in memory, and concatenates SQL strings. The code compiles. The tests pass. The vulnerabilities ship to production.
This happens because LLMs optimize for the task described, not the security context implied. Without explicit instructions, they take the shortest path to functional code.
How It Works
Manicode prompts are system instructions — not plugins, agents, or wrappers. You set a prompt as the system message, and the LLM's output changes. Each prompt encodes hundreds of security rules specific to one framework.
Pick your framework
Find the prompt for your stack — Express.js, Django, Spring Boot, React, Go, Rust, or any of 30+ frameworks. Each prompt targets one framework with controls specific to its APIs and patterns.
Drop it in
Set the prompt as the system instruction in your IDE (Cursor, Copilot, Windsurf), coding agent (Claude Code, Codex), web chat (ChatGPT, Claude), or API call. One file, no dependencies.
Get secure code
Ask for code the way you normally would. The LLM generates functional code that includes security controls by default — no extra prompting required.
Before and After
Same model, same request, same framework. The only difference is whether a Manicode prompt is active as the system instruction.
// "Write a login endpoint"
app.post('/login', async (req, res) => {
  const { email, password } = req.body;
  // User input is interpolated straight into the SQL text.
  const user = await db.query(
    `SELECT * FROM users WHERE email = '${email}'`
  );
  // Plaintext comparison against the stored password.
  if (user && password === user.password) {
    req.session.user = user;
    return res.json({ success: true });
  }
  res.status(401).json({ error: 'Invalid' });
});
- SQL injection via string interpolation
- Plaintext password comparison
- No rate limiting on auth endpoint
- No input validation
- Session fixation (no regeneration)
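// Same request, with Manicode Express.js prompt active
const { rateLimit } = require('express-rate-limit');
const argon2 = require('argon2');
// validate, loginSchema (Zod) and db are application modules defined elsewhere.

app.post('/login',
  // At most 5 attempts per client per 15 minutes.
  rateLimit({ windowMs: 15 * 60 * 1000, max: 5 }),
  // Reject bodies that do not match the schema before the handler runs.
  validate(loginSchema),
  async (req, res) => {
    const { email, password } = req.validated.body;
    // Placeholder binding keeps user input out of the SQL text.
    const user = await db.query(
      'SELECT id, email, password_hash FROM users WHERE email = $1',
      [email]
    );
    // Same response for an unknown user and a wrong password.
    if (!user || !(await argon2.verify(user.password_hash, password))) {
      return res.status(401).json({ error: 'Invalid credentials' });
    }
    // New session ID on login; assumes express-session, whose regenerate() takes a callback.
    await new Promise((resolve, reject) =>
      req.session.regenerate((err) => (err ? reject(err) : resolve())));
    req.session.userId = user.id;
    res.json({ success: true });
  });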
- Parameterized query prevents SQL injection
- Argon2 password hashing
- Rate limiting (5 attempts / 15 min)
- Zod schema validation on input
- Session regeneration after login
What You Get
Standards Coverage
- OWASP ASVS 5.0 — Application Security Verification Standard controls encoded per framework
- OWASP AISVS 1.0 — AI Security Verification Standard for agentic AI and RAG pipelines
- OWASP Agentic Top 10 — Agent goal hijacking, tool misuse, privilege abuse, and more
- CWE — Common Weakness Enumeration mitigations mapped to framework-specific patterns
- NIST SP 800-218 — Secure Software Development Framework alignment
Model Support
Each prompt is available in variants optimized for:
- Claude Opus 4.6 — Anthropic
- GPT 5.3 Codex — OpenAI
- Gemini 3.1 Pro — Google
- Grok 4.1 — xAI
- GitHub Copilot — Microsoft
Deploy Anywhere
Manicode prompts are plain markdown files. They work with any tool that accepts a system instruction — no SDK, no plugin, no vendor lock-in.
IDEs
- GitHub Copilot
- Cursor
- Windsurf
- JetBrains AI
- Amazon Q
- Cline / Roo Code
Coding Agents
- Claude Code
- OpenAI Codex
- Aider
- Cursor Agent
- Windsurf Cascade
Web Chat
- ChatGPT Projects
- Claude Projects
- Google AI Studio
APIs
- Anthropic API
- OpenAI API
- Google Gemini API
- OpenRouter
Inside a Prompt
Each prompt is a detailed set of security rules written for one specific framework. A typical prompt includes:
- Security principles — What the framework does and does not protect by default, and what you must configure
- Coding rules — Specific patterns the LLM must follow: middleware ordering, input validation, session handling, CSRF protection, CSP configuration, and more
- Vulnerability mitigations — How to prevent each relevant vulnerability class (injection, XSS, SSRF, path traversal) in this framework's idiom
- Code examples — Concrete secure patterns the LLM should produce, not abstract guidance
- Anti-patterns — Specific insecure patterns the LLM must avoid, with explanations of why
Prompts range from 800 to 2,000 tokens. They are dense, technical, and opinionated — because vague security guidance produces vague security controls.
Browse by Category
328 prompts across 13 categories. Find the prompt for your framework.
About This Portal
This documentation portal is your guide to Manicode's code security prompt library. Here you will find:
- Prompt catalog — Browse all 328 prompts by category, framework, and security topic
- Deployment guides — Step-by-step instructions for every major IDE, coding agent, web chat interface, and API
- Skills library — Machine-readable SKILL.md files with structured metadata, router-based discovery, and evaluation tests
- Architecture docs — How prompts are structured, trust boundaries, and the security model behind the library
- Workflows — End-to-end guides for secure code review and enterprise-wide prompt deployment
Start Generating Secure Code
Pick a prompt, drop it into your tool, and test it with a security-sensitive request. If the output includes security controls you didn't ask for, it's working.
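One way to automate that check, as an added example that is not part of Manicode's library: a heuristic scanner for the five controls in the before/after comparison, run over condensed copies of the two login handlers. The check names and regexes are assumptions of this sketch, and a match shows that a control is present, not that it is configured correctly.

```javascript
// Added example: heuristic regex checks, not a replacement for SAST or review.
// Each check mirrors one bullet of the page's before/after comparison.
const CHECKS = [
  // Fails when a template literal containing SQL interpolates a value.
  { control: 'parameterized query',
    pass: (src) => !/`[^`]*\b(SELECT|INSERT|UPDATE|DELETE)\b[^`]*\$\{/i.test(src) },
  { control: 'password hash verification',
    pass: (src) => /\b(argon2|bcrypt)\.(verify|compare)\s*\(/.test(src) },
  { control: 'rate limiting', pass: (src) => /\brateLimit\s*\(/.test(src) },
  { control: 'input validation',
    pass: (src) => /\bvalidate\s*\(|\.safeParse\s*\(/.test(src) },
  { control: 'session regeneration',
    pass: (src) => /\.session\.regenerate\s*\(/.test(src) },
];

// Returns the names of the controls the generated source is missing.
function missingControls(src) {
  return CHECKS.filter((c) => !c.pass(src)).map((c) => c.control);
}

// Condensed copies of the page's two login handlers, embedded so this runs offline.
const WITHOUT_PROMPT = [
  "app.post('/login', async (req, res) => {",
  "  const { email, password } = req.body;",
  "  const user = await db.query(`SELECT * FROM users WHERE email = '${email}'`);",
  "  if (user && password === user.password) {",
  "    req.session.user = user;",
  "    return res.json({ success: true });",
  "  }",
  "  res.status(401).json({ error: 'Invalid' });",
  "});",
].join('\n');

const WITH_PROMPT = [
  "app.post('/login', rateLimit({ windowMs: 15 * 60 * 1000, max: 5 }),",
  "  validate(loginSchema), async (req, res) => {",
  "    const { email, password } = req.validated.body;",
  "    const user = await db.query(",
  "      'SELECT id, email, password_hash FROM users WHERE email = $1', [email]);",
  "    if (!user || !(await argon2.verify(user.password_hash, password))) {",
  "      return res.status(401).json({ error: 'Invalid credentials' });",
  "    }",
  "    req.session.regenerate((err) => { /* set userId, send response */ });",
  "  });",
].join('\n');

console.log('without prompt, missing:', missingControls(WITHOUT_PROMPT));
console.log('with prompt, missing:', missingControls(WITH_PROMPT));
```

Run it over each generated handler in CI; a non-empty result means the system prompt did not take effect for that request or the output needs manual review.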