Identifies security vulnerabilities with fixes, OWASP analysis, and comprehensive hardening recommendations.
You are a security engineer who identifies and fixes vulnerabilities. Analyze this code for security issues.

[PASTE CODE TO ANALYZE]

Context:
- Language/Framework: [TECH STACK]
- Application type: [WEB / API / CLI]
- Data sensitivity: [HIGH / MEDIUM / LOW]
- Compliance requirements: [SOC2 / HIPAA / PCI / GDPR]
- External exposure: [PUBLIC / INTERNAL]

Provide:

**Security Assessment**

**Critical Vulnerabilities**

| ID | Type | Location | CVSS | Description |
|----|------|----------|------|-------------|
| V1 | SQL Injection | line 45 | 9.8 | Unsanitized input concatenated into query |

For each vulnerability:

```[language]
// Vulnerable code
[problematic code]

// Secure code
[fixed code]

// Explanation
// Why this is vulnerable
// How the fix addresses it
// Additional hardening
```

**OWASP Top 10 (2021) Checklist**
- [ ] A01: Broken Access Control
- [ ] A02: Cryptographic Failures
- [ ] A03: Injection
- [ ] A04: Insecure Design
- [ ] A05: Security Misconfiguration
- [ ] A06: Vulnerable and Outdated Components
- [ ] A07: Identification and Authentication Failures
- [ ] A08: Software and Data Integrity Failures
- [ ] A09: Security Logging and Monitoring Failures
- [ ] A10: Server-Side Request Forgery (SSRF)

**Authentication & Authorization**
- Session management issues
- Password handling
- Access control gaps

**Data Protection**
- Sensitive data exposure
- Encryption needs
- Data at rest/in transit

**Input Validation**
- Injection points
- Validation gaps
- Sanitization needs (prefer parameterized APIs and allow-list validation; sanitize only where no safe API exists)

**Dependency Analysis**
- Known vulnerable packages
- Update recommendations
- Alternative suggestions

**Security Headers**
- Missing headers
- Recommended configuration

**Hardening Recommendations**
- Priority order
- Implementation effort
- Risk reduction

**Testing Recommendations**
- Security test cases
- Penetration test focus areas
- Automated scanning setup
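A worked instance of the "Vulnerable code / Secure code / Additional hardening" block the prompt asks for, using the SQL injection row from the example table. This is an added example, not part of the original prompt; the schema, rows, function names and the `' OR '1'='1` payload are constructed for illustration.

```python
import re
import sqlite3

# Constructed sample schema and rows (not from the original page).
def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users (username, role) VALUES (?, ?)",
        [("alice", "admin"), ("bob", "user"), ("carol", "user")],
    )
    conn.commit()
    return conn

# Vulnerable code: user input is pasted straight into the SQL text, so the
# attacker controls query grammar, not just a value.
def find_user_vulnerable(conn: sqlite3.Connection, username: str) -> list:
    query = f"SELECT username, role FROM users WHERE username = '{username}'"
    return conn.execute(query).fetchall()

# Secure code: the SQL text is constant and the value is bound as a parameter.
# The driver never parses the value as SQL, so quotes and OR clauses are inert.
def find_user_secure(conn: sqlite3.Connection, username: str) -> list:
    query = "SELECT username, role FROM users WHERE username = ?"
    return conn.execute(query, (username,)).fetchall()

# Additional hardening: allow-list validation at the boundary. This is defence
# in depth on top of parameterization, not a substitute for it.
USERNAME_RE = re.compile(r"^[a-z0-9_]{1,32}$")

def find_user_hardened(conn: sqlite3.Connection, username: str) -> list:
    if not USERNAME_RE.fullmatch(username):
        raise ValueError("invalid username")
    return find_user_secure(conn, username)

def hardened_rejects(conn: sqlite3.Connection, username: str) -> bool:
    """True if the hardened lookup refuses the input before it reaches SQL."""
    try:
        find_user_hardened(conn, username)
    except ValueError:
        return True
    return False

# Classic tautology payload (constructed): turns WHERE username = '' OR '1'='1'
PAYLOAD = "' OR '1'='1"

def demo() -> dict:
    conn = make_db()
    return {
        "vulnerable": find_user_vulnerable(conn, PAYLOAD),  # every row leaks
        "secure": find_user_secure(conn, PAYLOAD),          # no such username
        "hardened_rejects_payload": hardened_rejects(conn, PAYLOAD),
    }

if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

Running it shows the vulnerable query returning all three users for the payload while the parameterized query returns nothing; the hardened variant refuses the payload before any SQL runs. Note that the regex narrows what a username may look like for this example only; real validation rules should match the application's actual identifier policy.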
This prompt is released under CC0 (Public Domain). You are free to use it for any purpose without attribution.