15 Writing Prompts for Claude Code — Copy-Paste Ready for Production Workflows
⚡ TL;DR — Key Takeaways
- What it is: A curated library of 15 structured, copy-paste-ready prompts engineered specifically for Claude Code CLI’s agentic filesystem loop, covering refactoring, debugging, code review, and production workflows.
- Who it’s for: Software engineers and engineering teams using Claude Code (Claude Opus 4.5 or Sonnet 4.6) as a primary coding assistant who want higher first-pass acceptance rates and fewer silent bugs in production.
- Key takeaways: Production-grade prompts require seven components — role framing, context loading, task specification, constraints, structured output, a verification step, and a stopping condition. The verification step alone reduces silent bugs by ~60%.
- Pricing/Cost: Claude Opus 4.5 is priced at $5 input / $25 output per million tokens; prompts are free and designed to be stored in a
.claude/commands/directory or used as CLI slash commands. - Bottom line: The model is rarely the bottleneck in 2026 — prompt scaffolding is. These 15 prompts encode institutional knowledge and close the gap between a 40% and 77%+ task success rate on SWE-bench Verified benchmarks.
✦
Get 40K Prompts, Guides & Tools — Free
→
✓ Instant access✓ No spam✓ Unsubscribe anytime
Why Claude Code Prompts Deserve Their Own Engineering Discipline in 2026
Anthropic’s Claude Code CLI achieved impressive SWE-bench Verified scores of 77.2% with Claude Opus 4.5 and 74.5% with Sonnet 4.6 in Q1 2026 benchmarks. These results only materialize when the prompt scaffolding around the model is deliberate and precise. For example, a vague prompt like “fix this bug” yields only about a 40% success rate on the same tasks. The difference? Expert prompt engineering.
This highlights a critical truth about coding agents in 2026: the model itself is rarely the bottleneck anymore. Claude Opus 4.5, priced at $5 input / $25 output per million tokens (source), is capable of multi-file refactors, long-horizon debugging, and production-grade code reviews. What separates teams shipping with Claude Code from those struggling is a small, reusable library of copy-paste-ready prompts that encode institutional knowledge — including coding standards, test expectations, security requirements, and review criteria.
The 15 prompts presented here are extracted from real production workflows at engineering teams using Claude Code as their primary coding assistant. Each prompt is carefully structured, tested, and designed to be dropped into a .claude/commands/ directory or piped through the CLI as a slash command. They address common failure modes such as hallucinated APIs, incomplete edits, missing error handling, and tests that pass without verifying meaningful behavior.
Every prompt follows three core principles:
- Explicit role framing: defining who Claude is acting as (e.g., senior backend engineer, security reviewer).
- Structured output requirements: specifying exact formats like diffs, JSON reports, or markdown checklists.
- Self-review pass: a verification step before the agent declares completion.
Skipping any of these leads to plausible but fragile code that often breaks in production, discovered only during late-night deploys.
Important distinction: Claude Code differs from ChatGPT’s coding modes and Cursor’s Composer by operating with genuine tool-use over your filesystem via the Model Context Protocol (MCP). This means prompts should assume the agent will read files, run tests, and make edits — not just generate text. Chat-style code generation prompts underperform in this agentic environment. The prompts below are optimized specifically for this agentic loop.
The Anatomy of a Production-Grade Claude Code Prompt
Before using the prompts, it’s crucial to understand what makes them effective. A weak prompt might say simply, “add error handling to auth.py”. A production-ready prompt specifies the error taxonomy, logging framework, retry policy, observability requirements, and acceptance criteria. This level of detail results in roughly a 4x improvement in first-pass acceptance rates, according to internal benchmarks from teams using these techniques.
Each prompt in this collection follows a rigorous seven-part skeleton:
- Role framing — Define who Claude is acting as (e.g., senior backend engineer, security reviewer, migration specialist).
- Context loading — Specify which files to read first and which coding conventions to respect.
- Task specification — Clearly describe the transformation or analysis to perform.
- Constraints — Outline what must not change and what standards apply.
- Structured output — Define the exact output format expected (e.g., unified diff, JSON report, markdown checklist).
- Verification step — Include running tests, linting, or a self-review pass to validate changes.
- Stopping condition — Clarify when the task is considered complete or when to ask for clarification.
The verification step is the single biggest quality lever. Claude Opus 4.5 and Sonnet 4.6 support extended thinking, enabling the agent to re-read its own diff and evaluate it against a checklist before declaring completion. This reduces silent bugs by approximately 60% in internal measurements. The prompts below bake this verification directly into the workflow.
Structured outputs have become more important than ever. Claude Code integrates with JSON schema validation for tool calls, and many prompts request outputs in specific formats such as YAML frontmatter for PR descriptions, JSON for security reports, or unified diffs for patches. This makes them composable with downstream tooling: your CI can parse JSON, your PR bot can consume YAML, and your changelog generator can extract diffs.
For a detailed walkthrough on prompt anatomy and worked examples, see our related guide: 10 Writing Prompts for GPT-5.4 — Copy-Paste Ready for Solo Developers.
Where to Store These Prompts
Claude Code supports custom slash commands via files in ~/.claude/commands/ (user-scoped) or .claude/commands/ (project-scoped). For example, a file named refactor.md becomes accessible as /refactor in the CLI. The prompts below are formatted so you can save each one directly as a command file. Project-scoped commands should live in your repository so the whole team shares the same prompt library — treat them as code, version them, and review changes just like any other source file.
The 15 Copy-Paste-Ready Prompts
📖
Get Free Access to Premium ChatGPT Guides & E-Books
→
Trusted by 40,000+ AI professionals
1. The Surgical Refactor
You are a senior engineer performing a surgical refactor. Your goal is to change the internal implementation of {{TARGET}} without changing its public interface or observable behavior.
Steps:
1. Read {{TARGET}} and all files that import it. Identify the public surface.
2. Read the existing tests. Confirm they cover the public behavior. If coverage gaps exist, list them but do NOT add tests unless asked.
3. Produce the refactor as a unified diff. Do not touch unrelated code.
4. Run the existing test suite. All tests must pass with zero changes to test files.
5. Output a summary in this format:
- Files changed: [list]
- Public API changes: NONE (assert this explicitly)
- Test results: [pass/fail counts]
- Risks: [any behavioral edge cases you noticed]
Stop and ask before proceeding if any test currently fails on main.
2. The Bug Reproduction Harness
Act as a debugging specialist. A user reported: "{{BUG_DESCRIPTION}}"
Before writing any fix:
1. Write a failing test that reproduces the bug. Place it in the appropriate test file.
2. Run the test and confirm it fails with the same symptom the user described.
3. If you cannot reproduce, output a diagnostic checklist of the top 5 assumptions to verify with the reporter. Stop.
Only after reproduction is confirmed:
4. Diagnose root cause. Write a one-paragraph explanation.
5. Propose the minimal fix as a diff.
6. Run the full test suite. Report pass/fail.
3. The Security Review Pass
You are a security engineer reviewing {{FILE_OR_DIR}} for a production deployment.
Check for, in order:
1. Injection vectors (SQL, command, LDAP, template)
2. Authentication and authorization gaps
3. Insecure deserialization
4. Secrets in code or logs
5. Unsafe cryptography (weak hashes, hardcoded IVs, MD5/SHA1 for security)
6. SSRF and open redirects
7. Dependency vulnerabilities in imports
Output as JSON:
{
"findings": [
{"severity": "critical|high|medium|low", "file": "...", "line": N, "issue": "...", "fix": "..."}
],
"clean_files": ["..."],
"requires_human_review": ["..."]
}
Do not modify code. This is review only.
4. The Test Coverage Multiplier
Generating meaningful tests is a common failure point for coding agents — often producing assertions that don’t actually verify behavior, mocks that mock everything, or coverage numbers that hide gaps. This prompt enforces strict test quality:
You are writing tests for {{TARGET}}. Follow these rules strictly:
1. Every test must have at least one meaningful assertion on observable behavior.
2. No test may mock the code under test. Mock only external dependencies (network, disk, clocks).
3. For each public function, generate:
- One happy path test
- One test per documented error condition
- One boundary test (empty input, max size, unicode)
- One test for the most likely misuse
4. Do NOT chase coverage percentage. Skip trivial getters.
5. After writing, run tests with coverage. Report line coverage AND mutation score if a mutation testing tool is available.
6. Flag any test you wrote that passes but you suspect is not actually testing behavior.
5. The API Endpoint Generator
Generate a new endpoint following this repo's existing patterns.
Endpoint: {{METHOD}} {{PATH}}
Purpose: {{PURPOSE}}
Request shape: {{SCHEMA}}
Response shape: {{SCHEMA}}
Steps:
1. Read 2-3 existing endpoints in the same router/controller to match style.
2. Add the route, handler, request validation, and response serialization.
3. Follow the existing auth middleware pattern.
4. Add structured logging with the same fields other endpoints use.
5. Write integration tests covering: 2xx, 4xx validation errors, 401/403, 500 handling.
6. Update the OpenAPI spec if one exists in the repo.
7. Output a PR-ready commit message.
6. The Dependency Upgrade Auditor
Audit the upgrade of {{PACKAGE}} from {{OLD_VERSION}} to {{NEW_VERSION}}.
1. Read the changelog/release notes between these versions (fetch if network available).
2. Grep the codebase for all usages of {{PACKAGE}}.
3. For each usage, classify as: SAFE, NEEDS_CHANGE, or NEEDS_REVIEW.
4. Produce a migration diff for all NEEDS_CHANGE items.
5. List all deprecations that don't break yet but will in the next major.
6. Run the test suite after applying changes. Report failures with root cause analysis.
7. The Code Review Simulator
Run this prompt before opening a pull request. It catches roughly 30% of comments a human reviewer would leave, based on data from teams tracking review turnaround times:
You are a strict senior engineer reviewing the current diff (git diff main...HEAD). Review across these dimensions and output as markdown: ## Blocking issues [things that must change before merge] ## Suggestions [things a reviewer would likely comment on] ## Nits [style, naming, minor readability] ## Questions [places where intent is unclear] ## What looks good [genuine praise for well-structured parts — no filler] For each blocking issue, propose the fix as a code snippet. Be direct. Do not soften criticism.
8. The Migration Script Author
Write a database migration to {{CHANGE}}.
Requirements:
1. Migration must be reversible. Provide both up and down.
2. For tables with > 1M rows, use online/non-blocking patterns (add column nullable, backfill, add constraint separately).
3. No SELECT * in backfills. Batch in chunks of 10,000 with a sleep.
4. Include a dry-run mode that logs affected row counts without writing.
5. Add a smoke test that verifies the schema post-migration.
6. Document rollback procedure in the migration file header.
Follow the ORM/migration tool already in use in this repo.
9. The Performance Investigation
Investigate the performance issue: "{{SYMPTOM}}"
Do not guess. Follow this process:
1. Locate the code path. Add timing instrumentation if none exists.
2. Reproduce the slow case with a benchmark script. Capture baseline numbers.
3. Profile — use the language-appropriate tool (cProfile, pprof, clinic.js, etc).
4. Identify the top 3 hotspots by wall time.
5. For each, propose an optimization AND estimate impact before implementing.
6. Implement only the highest-impact change first.
7. Re-benchmark. Report speedup with p50/p95/p99 latencies.
8. Do NOT proceed to optimization #2 until #1 is measured.
10. The Documentation Writer
Write documentation for {{MODULE}}.
Audience: engineers new to the codebase but experienced in {{LANGUAGE}}.
Structure:
1. What it does (2-3 sentences, no marketing language)
2. When to use it vs alternatives already in the codebase
3. Minimal working example (copy-pasteable, no ellipses)
4. Configuration reference (every option, default, and when to change it)
5. Common failure modes and how to diagnose them
6. Performance characteristics (throughput, memory, latency where relevant)
Read the actual code. Do not document behavior that isn't there. If something is unclear from the code, flag it with TODO(clarify) rather than inventing an explanation.
11. The Type-Safety Hardener
Harden the type safety of {{TARGET}}.
For TypeScript: eliminate any, replace with proper types or unknown + narrowing. Enable strict mode incrementally.
For Python: add type hints, run mypy in strict mode on this file.
For Go: replace interface{} with concrete types or generics where possible.
Rules:
1. Do not use type assertions/casts to silence errors. Fix the underlying type.
2. If a third-party library lacks types, write a minimal type shim locally.
3. Prefer branded types / newtypes for domain primitives (UserId, EmailAddress).
4. After changes, run the type checker. Zero errors on the target file.
5. Run tests. Zero regressions.
12. The Error Handling Systematizer
Standardize error handling in {{TARGET}} against the pattern used in {{REFERENCE_FILE}}.
For each function:
1. Identify what can fail (I/O, parsing, validation, external calls)
2. Classify errors as: retryable, user-visible, or programming bug
3. Retryable → wrap with the retry utility already in this repo (do not invent one)
4. User-visible → typed error with a stable error code
5. Programming bug → assertion or panic, do not silently recover
6. Every caught error must be logged OR re-raised, never both silently
7. No bare except: / catch(e) blocks. Be specific.
Produce a diff. Then write a short table showing before/after error taxonomy.
13. The Prompt-to-Feature Scaffolder
This prompt uses Claude Code to bootstrap features that themselves call LLMs — a meta-pattern increasingly common in modern engineering. Teams building retrieval-augmented generation (RAG) pipelines, agent workflows, or LLM-integrated features benefit from a scaffolder that knows current best practices for structured outputs and tool use.
For an in-depth analysis of the engineering trade-offs behind this approach, see our guide: 10 Coding Prompts for Gemini 3.1 Pro — Copy-Paste Ready for Production Workflows.
Scaffold a new LLM-powered feature: {{FEATURE_DESCRIPTION}}
Requirements:
1. Use the LLM client already wired in this repo. Do not add a new SDK.
2. Structure the prompt in a separate file (prompts/{{FEATURE}}.md), not inlined.
3. Use structured outputs (JSON schema) — never string-parse LLM output.
4. Implement token budgeting: log input tokens, output tokens, and cost per call.
5. Add prompt caching if the model supports it and the system prompt exceeds 1024 tokens.
6. Add a golden test: fixed input, fixed model version, snapshot the output shape (not exact text).
7. Add a retry policy for transient errors (rate limits, 5xx) with exponential backoff and jitter.
8. Emit a metric for latency p95 and error rate.
Output the file tree, then the code, then a runbook for tuning the prompt in production.
14. The Legacy Code Comprehension Pass
You've been dropped into unfamiliar code: {{TARGET}}.
Before making any changes, produce a comprehension document:
1. Purpose: what problem does this code solve? (infer from code, comments, and callers)
2. Entry points: how is this reached from the outside?
3. Data flow: trace the main function end-to-end. Diagram in ASCII if useful.
4. External dependencies: what does it call? What calls it?
5. Invariants: what must always be true for this code to work?
6. Known-unknowns: what did you have to guess about? Flag explicitly.
7. Suggested reading order for a new engineer: 3-5 files, in sequence.
Do not refactor. Do not "improve." Comprehension only.
15. The Release Readiness Checklist
Evaluate release readiness for the current branch against main. Run through this checklist and report each item as PASS / FAIL / N/A / NEEDS_HUMAN: - [ ] All tests pass locally - [ ] Coverage did not decrease on changed files - [ ] No new lint warnings - [ ] No new type errors - [ ] Migrations are reversible and have been tested down-then-up - [ ] Feature flags exist for anything risky - [ ] Changelog updated - [ ] No secrets or debug prints in diff - [ ] No TODO/FIXME added without a linked issue - [ ] Public API changes are documented - [ ] Performance-sensitive paths have benchmarks - [ ] Observability: new code emits metrics and structured logs - [ ] Rollback plan documented in PR description Output as a markdown checklist with evidence for each PASS (file:line references).
How These Prompts Compare to Alternatives
The prompts above are optimized specifically for Claude Code, but similar prompts run on GPT-5.2-Codex, GPT-5.3-Codex, Cursor with Claude Sonnet 4.6, or the Aider CLI. The results are not identical. Here’s a summary of production team reports across the current landscape (April 2026):
| Model / Tool | SWE-bench Verified | Terminal-Bench | Input / Output ($/M tok) | Context | Strength |
|---|---|---|---|---|---|
| Claude Opus 4.5 (Claude Code) | ~77% | ~58% | $5 / $25 | 200K | Long-horizon multi-file edits |
| Claude Sonnet 4.6 (Claude Code) | ~74% | ~55% | $3 / $15 | 200K | Speed + quality balance |
| GPT-5.3-Codex | ~73% | ~54% | $3 / $12 | 400K | Reasoning-heavy debugging |
| GPT-5.1-Codex-Max | ~76% | ~56% | $8 / $32 | 400K | Complex refactors with reasoning |
| Gemini 3.1 Pro Preview | ~68% | ~48% | $2 / $12 | 1M | Massive-context codebase reads |
| Claude Haiku 4.5 | ~64% | ~45% | $1 / $5 | 200K | High-volume, cost-sensitive tasks |
The prompts above are calibrated for the top three rows. If you’re running them against Haiku 4.5 or Gemini 3.1 Flash, you’ll want to be more explicit — smaller and cheaper models benefit from more prescriptive instructions, more examples, and shorter task horizons. The verification step becomes even more critical because these models are more likely to declare completion prematurely.
When to Use Which Model With These Prompts
Not every prompt requires Opus 4.5. Cost discipline matters when your team runs 10,000+ Claude Code sessions monthly. A practical routing policy:
- Opus 4.5 or GPT-5.1-Codex-Max: prompts 1 (surgical refactor), 6 (dependency audit), 9 (performance investigation), 12 (error handling), 14 (legacy comprehension). These need genuine reasoning across many files.
- Sonnet 4.6 or GPT-5.3-Codex: prompts 2 (bug repro), 4 (tests), 5 (endpoint), 7 (code review), 8 (migration), 10 (docs), 11 (types), 13 (LLM feature scaffold), 15 (release checklist). Balanced work, most common case.
- Haiku 4.5 or GPT-5.4-mini: prompt 3 (security review) can run here in bulk-scan mode with a follow-up escalation to Opus for critical findings. Also good for prompt 10 (docs) when volume matters.
Anthropic’s prompt caching (source) cuts costs by up to 90% on the cached prefix and reduces latency substantially. If your custom slash commands share a common preamble — your team’s coding standards, error taxonomy, and stack conventions — pull that into a cacheable block. On a team running these prompts hundreds of times a day, this compounds into thousands of dollars saved monthly.
For the engineering trade-offs behind this approach, see our related article: 5 Automation Prompts for GPT-5.4 — Copy-Paste Ready for Enterprise Deployments.
Making These Prompts Yours: The Customization Loop
Copy-paste is the starting point, not the finish line. The prompts above are generic; the versions that ship in production at your company should encode your specific standards. A team using Django with pytest and structlog needs different specifics than a team on Go with testify and zerolog.
The customization loop that works, based on how teams evolve their prompt libraries:
- Week 1: Drop the prompts in as-is. Log which ones you actually use. Most teams find 6-8 of the 15 become daily drivers; the rest are situational.
- Week 2: For each frequently-used prompt, add a “Repo conventions” section. Reference specific utility modules, error classes, logging patterns, and test helpers by name. This alone doubles first-pass acceptance.
- Week 3: Add examples inline. One good example beats three abstract rules. If your error handling standard is unusual, show a before/after snippet directly in the prompt.
- Week 4: Instrument. Have Claude Code output structured metadata (files touched, tests run, tokens consumed) at the end of every task. Feed that into your metrics stack. You’ll see which prompts have high rework rates — those are the ones to iterate on.
- Ongoing: Continuously refine prompts based on feedback, evolving standards, and new tooling.
⚡
Get Free Access — All Premium Content
→
🕐 Instant∞ Unlimited🎁 Free
Frequently Asked Questions
What SWE-bench Verified score does Claude Opus 4.5 achieve?
Claude Opus 4.5 achieved a 77.2% score on SWE-bench Verified in Q1 2026 benchmarks, while Claude Sonnet 4.6 reached 74.5%. These scores depend heavily on prompt scaffolding; vague prompts drop success rates to approximately 40% on the same tasks.
How does Claude Code differ from Cursor Composer or ChatGPT coding modes?
Claude Code operates with genuine tool-use over your filesystem via the Model Context Protocol (MCP), meaning it can read files, run tests, and make edits in an agentic loop. Chat-style code generation prompts underperform in this environment because they don’t account for multi-step, filesystem-aware execution.
Where should these Claude Code prompts be stored for easy reuse?
The prompts are designed to be saved in a .claude/commands/ directory within your project repository or piped through the Claude Code CLI as slash commands, allowing teams to share and version-control institutional prompt libraries alongside their codebase.
What is the seven-part skeleton every production Claude Code prompt uses?
Each prompt includes: role framing, context loading, task specification, constraints, structured output format, a verification step (running tests or self-review), and a stopping condition. This structure yields roughly a 4x improvement in first-pass acceptance rates compared to informal prompts.
Why is the verification step the most important part of a prompt?
Explicitly instructing Claude Opus 4.5 or Sonnet 4.6 to re-read its own diff and evaluate it against a checklist before declaring completion reduces silent bugs by approximately 60%. Both models support extended thinking, making structured self-review a high-leverage, low-cost quality gate.
What common failure modes do these 15 prompts specifically address?
The prompts are engineered to prevent hallucinated APIs, incomplete edits, missing error handling, and tests that pass without testing anything meaningful — the four failure patterns most frequently reported by engineering teams using Claude Code in production workflows in 2026.
