Patch a security vulnerability and ship the fix in under 15 minutes
Beginner
10 min
English
Turn a CVE or security alert into a reviewed, tested patch without drowning in changelogs.
Steps
- Open Claude or ChatGPT in your browser.
- Copy the prompt template below into a new chat.
- Replace {vuln_description}, {package_name}, {current_version}, {target_version}, and {code_snippet} with the details from your security alert or CVE report.
- Send the prompt and read the proposed fix, upgrade steps, and test cases.
- Apply the suggested code changes in your editor and run the generated tests.
- Ask one follow-up: 'What else could break with this upgrade?' and review the edge cases.
- Commit the patch with a message referencing the CVE, then open your PR.
Prompts to Use
You are a senior application security engineer. I need to implement a security fix.
Context:
- Vulnerability: {vuln_description}
- Affected package: {package_name}
- Current version: {current_version}
- Target/fixed version: {target_version}
- Relevant code from my project:
```
{code_snippet}
```
Constraints:
- Give me the minimum change needed to remediate the vulnerability.
- Flag any breaking changes in the upgrade path.
- Do not invent APIs; only use what exists in the stated versions.
Output format:
1. Root cause (2 sentences max)
2. Upgrade steps (numbered)
3. Patched code (in a code block, same language as the snippet)
4. 3 test cases I should run (input + expected result)
5. Risks or regressions to watch for
Tools Used
Some tool links may earn AiA a commission — never affecting rankings.