---
title: "Code Review Prompt Template"
tested_with:
  claude-code: "1.0.x"
  codex-cli: "0.2.x"
last_updated: 2026-03-21
status: proven
difficulty: beginner
prerequisites: []
---
# Code Review Prompt Template

## When to Use This Prompt
When you want the agent to review code for quality, bugs, security, or adherence to conventions.
## The Prompt

```text
Review [file or directory] for:
- Bugs or logic errors
- Security issues
- Performance concerns
- Adherence to our project conventions

For each issue found, explain:
1. What the problem is
2. Why it matters
3. How to fix it

Don't fix anything yet — just report findings.

# Adapt this by:
# - Narrow the focus: "Review for SQL injection vulnerabilities" is better than "review everything"
# - Replace the checklist with your team's specific review criteria
# - Add "Don't fix anything yet" if you want review-only; remove it if you want auto-fix
```
## Why It Works
- Structured output: The 3-part format (what, why, how) gives actionable findings
- Review-only mode: Separating review from fixing prevents premature changes
- Scoped criteria: Telling the agent what to look for prevents generic platitudes
## Variations

Review recent changes:

```text
Review the changes in the current git diff. Focus on correctness and whether the changes match the intent described in the most recent commit message.
```

Security-focused review:

```text
Perform a security review of [file]. Check for: input validation, injection vulnerabilities, authentication/authorization issues, and sensitive data handling.
```

Review then fix:

```text
Review [file] for issues. Present your findings. After I approve, fix the issues you found.
```
## Example Output
Good output lists specific findings with line numbers and concrete fixes. If the agent returns only vague praise ("the code looks well-structured"), the scope was too broad — narrow your review criteria.