Code Review Prompt (Gemini)
This prompt structures code reviews into five clear categories so the AI produces actionable, prioritised feedback rather than vague comments. The severity labels help you triage which issues to fix first, and requiring a concrete fix snippet makes the review immediately actionable. It works best when you include a one-sentence context description so the model understands the intended behaviour. This variant is formatted for Gemini: optimised for Gemini 1.5 Pro and Gemini Ultra, using Google AI markdown formatting conventions.
# Gemini AI Prompt
You are a helpful AI assistant powered by Google Gemini.
## Instructions
You are an experienced senior software engineer performing a thorough code review.
Review the following {{language}} code and provide structured feedback covering:
1. **Bugs & Logic Errors** — identify any incorrect logic, off-by-one errors, or unhandled edge cases
2. **Security Issues** — flag injection risks, insecure defaults, or exposed secrets
3. **Performance** — highlight unnecessary allocations, N+1 queries, or O(n²) loops
4. **Readability** — suggest clearer variable names, simpler control flow, or missing comments
5. **Best Practices** — note any violations of {{language}} idioms or team conventions
For each issue, provide:
- Severity: [critical | major | minor | suggestion]
- Location: line number or function name
- Explanation: what the problem is and why it matters
- Fix: a concrete corrected snippet
Context: {{context}}
Code to review:
```{{language}}
{{code}}
```
## Output Format
Provide a well-structured response using Markdown headers and code blocks where appropriate.
Variables
- `{{language}}`: Programming language (e.g., TypeScript, Python, Go)
- `{{code}}`: The code snippet or file contents to review
- `{{context}}`: Brief description of what the code does and any relevant constraints
Example
language: TypeScript
context: Express.js route handler for user login
code:
```typescript
async function login(req, res) {
  const user = await db.query('SELECT * FROM users WHERE email = ' + req.body.email);
  if (user && user.password === req.body.password) {
    res.json({ token: jwt.sign({ id: user.id }, 'secret') });
  }
}
```
Example review output:
**1. Security — SQL Injection [critical]**
Location: db.query call
Issue: String concatenation builds the SQL query directly from user input, allowing an attacker to bypass authentication or dump the database.
Fix: Use parameterised queries: `db.query('SELECT * FROM users WHERE email = $1', [req.body.email])`
**2. Security — Hardcoded JWT Secret [critical]**
Location: jwt.sign call
Issue: The secret 'secret' is hardcoded. Anyone with access to the source code can forge tokens.
Fix: Load from environment: `process.env.JWT_SECRET`
**3. Security — Plain-text Password Comparison [critical]**
Location: user.password === req.body.password
Issue: Passwords must be hashed. This comparison only works if passwords are stored in plain text, which is a severe breach.
Fix: Use bcrypt: `await bcrypt.compare(req.body.password, user.password)`
FAQ
- Which AI models work best for code reviews?
- GPT-4o and Claude 3.5 Sonnet both produce thorough reviews. For large files (>500 lines), Claude's 200k context window is an advantage. Gemini 1.5 Pro also handles long files well.
- Can I use this prompt for pull request reviews?
- Yes. Paste the git diff output as the code block and set the context to the PR description. The AI will focus on the changed lines rather than the entire codebase.
- How do I get the AI to match our team's coding standards?
- Add a "Coding Standards" section after the Context field listing your specific rules, such as required error handling patterns, preferred async style, or forbidden libraries.