Prompt Library

All sql-server csharp dotnet analysis security api rest design aspnetcore review

Review this REST API for design quality and consistency. Evaluate:
1. URL structure: Are resource names plural? Are URLs hierarchical and intuitive?
2. HTTP methods: Correct use of GET, POST, PUT, PATCH, DELETE.
3. Status codes: Appropriate use of 2xx, 3xx, 4xx, 5xx.
4. Versioning: Is there a clear versioning strategy?
5. Pagination: Are list endpoints paginated consistently?
6. Filtering and sorting: Consistent query parameter conventions.
7. Error responses: Consistent error body structure with actionable messages.
8. Authentication and authorization: Clear token/scope requirements.
9. Rate limiting: Indicated in response headers?
10. HATEOAS: Any discoverability links in responses?
11. Input validation: Clear validation error messages?
12. Deprecation: Is there a deprecation header and sunset policy?

Provide a prioritized list of improvements.

Review this Entity Framework Core migration for production safety. Check for:
1. Destructive operations (DROP TABLE, DROP COLUMN) that should be multi-step.
2. Column type changes that may cause data loss or casting errors.
3. Adding non-null columns without default values.
4. Index changes that could block on large tables.
5. Operations that will hold schema modification locks for long periods.
6. Migration applied to wrong schema or database.
7. Missing transaction handling or rollback strategy.
8. Backward compatibility with the previous application version.
9. Data migration steps that should be separate from schema changes.
10. Performance impact during deployment window.

Suggest a safe deployment sequence if any issues are found.

Generate unit tests for this C# code using xUnit and Moq. Follow these guidelines:
1. Test happy path and edge cases.
2. Test null and empty input handling.
3. Test exception paths.
4. Mock all external dependencies (database, HTTP, file system, services).
5. Use meaningful test method names: MethodName_Scenario_ExpectedBehavior.
6. Follow AAA pattern (Arrange, Act, Assert).
7. One assertion concept per test.
8. Test boundary values (max, min, zero, negative).
9. For async methods, test cancellation token behavior.
10. Include comments explaining what each test validates.

Do not change the original code. Provide only the test file.

Analyze this .NET codebase. Focus on:
1. Architecture patterns and layering violations.
2. Dead code or unused dependencies.
3. Security issues (SQL injection, hardcoded credentials, insecure deserialization).
4. .NET Framework APIs that have no direct .NET 8 equivalent.
5. Areas with highest cyclomatic complexity.
6. Database access patterns (direct ADO.NET, Entity Framework, stored procedures).
7. Error handling consistency.
8. Logging approach and gaps.

Provide a prioritized list of findings with file paths.

Analyze this production incident information (logs, error messages, stack traces, timeline). Provide:
1. Root cause analysis: What sequence of events caused the failure?
2. Contributing factors: What conditions made the failure possible?
3. Detection: How was the incident discovered and how long was the time to detection?
4. Impact: What was the blast radius (users affected, data loss, duration)?
5. Resolution: What fixed the issue and how long did resolution take?
6. Prevention: What specific changes would prevent this from happening again?
7. Monitoring gaps: What alerts would have caught this earlier?
8. Documentation: What runbooks or documentation should be updated?

Format as a structured post-mortem document.

Perform a security review of the following code. Check for:
1. OWASP Top 10 vulnerabilities (injection, broken auth, sensitive data exposure, XXE, broken access control, security misconfiguration, XSS, insecure deserialization, known-vulnerable components, insufficient logging).
2. Hardcoded credentials, keys, or tokens.
3. SQL injection vectors.
4. Command or process injection.
5. Path traversal vulnerabilities.
6. Insecure cryptographic usage (weak algorithms, hardcoded IVs).
7. Missing input validation.
8. Missing authorization checks.
9. Trace/DEBUG endpoints left enabled.
10. Verbose error messages exposing stack traces.

Rate each finding by severity (Critical, High, Medium, Low) and provide remediation guidance.

Review this T-SQL query for performance. Identify:
1. Missing indexes based on WHERE, JOIN, and ORDER BY clauses.
2. Subqueries that could be replaced with JOINs or CTEs.
3. Implicit conversions that prevent index usage.
4. Unnecessary sorts or expensive operations.
5. Query plan anti-patterns (key lookups, table scans, hash joins on large tables).
6. Parameter sniffing risks.
7. Opportunities to use indexed views or computed columns.

Suggest an optimized version of the query and explain each change.

Generate XML documentation comments for all public members in this C# code. Follow these rules:
1. Every public class, interface, method, property, and enum gets a summary.
2. Method parameters get  tags with clear descriptions.
3. Methods with return values get  tags.
4. Document exceptions thrown with  tags.
5. Include usage examples in  tags for non-trivial methods.
6. Use  for type references.
7. Keep descriptions concise and technical.
8. Do not document private or internal members unless they implement an interface.
9. For async methods, describe what the returned task represents.

Do not modify any code — only add or improve XML doc comments.