AI improvement prompts

Қалай жұмыс істейді

Click кезінде екі data piece combine болады:

• The finding — title, description, evidence, remediation, CWE — report-пен бірге already loaded.
• Your codebase's framework — scan-ның discovery.tech-fingerprint findings ішінен detected (Next.js, React, Vue, Django, Express, Rails, Laravel, Flask). Framework detected болмаса generic recipe-ге falls back болады (agent prompt содан кейін LLM-нен repo state бойынша detect етуді сұрайды).

Templates live in lib/scanner/fix-prompts.ts. The registry has check-specific guidance for crawlability, search presentation, semantic content, structured data, media, performance, accessibility, forms, mobile/i18n, runtime, owner journeys, and repo-quality issues. For everything else, the existing remediation field on the finding becomes the generic recipe.

Prompt қандай көрінеді

Fix the "Hero image is lazy-loaded and missing dimensions" finding on /pricing.

Issue: The largest above-the-fold image is marked loading="lazy" and has
no explicit width/height. That can delay LCP and create layout shift.

Codebase context: Next.js.

Recommended fix:
Use next/image or the existing image component with explicit width/height,
responsive sizes, meaningful alt text, and priority/fetchPriority for the
first major visual on the page.

Constraints:
- Don't break existing tests; run the test suite after the change.
- Match the codebase's existing style and lint config.
- Add a brief comment explaining the performance reasoning only where the
  fix would otherwise look arbitrary.
- If the fix needs a new dependency, install it via the project's
  package manager (npm / pnpm / pip / bundle / composer).

Reference: Core Web Vitals / Largest Contentful Paint guidance.

Қолдау көрсетілетін frameworks

Біз framework-specific snippets-ті мыналар үшін көрсетеміз:

• Next.js, React, Vue, Nuxt, Svelte (frontend)
• Express, Fastify (Node.js backend)
• Django, Flask (Python)
• Ruby on Rails
• Laravel (PHP)
• ASP.NET Core (жоспарда, бүгін generic fallback)

Framework detection best-effort. Біз __NEXT_DATA__ tags, __NUXT__, hash cookies (laravel_session), X-Powered-By headers және тағы бірнеше signals sniff етеміз. Custom framework қолдансаңыз, prompt generic recipe-ге falls back болады және agent оны package.json ішінен өзі анықтайды.

AI agent арқылы қолданыңыз

Егер MCP server қосылған болса, сол prompt slash command ретінде exposed. Claude Desktop ішінен:

/fixweb-fix finding_id=550e8400-e29b-41d4-a716-446655440000

The renderer looks up the finding, detects the framework from the parent scan when available, renders the templated prompt, and injects it into your conversation as the user message. No round-trip to our Claude API; templates are pure and free.

Неге әр click сайын Claude-қа бармаймыз

Launch кезінде әр click үшін Anthropic API шақырып, prompt-ты codebase context-пен refine етуді қарастырдық. Оны істемедік, себебі:

• User paste ететін agent-те codebase context already бар — олар repo ашық тұрған Cursor / Claude Desktop қолданады.
• Per-(check × framework) templating ешқандай per-click cost жоқ ~80% value жабады.
• “Refine with AI for my codebase” opt-in кейін users қаласа API fire ете алады. Бүгін — жоқ.