STRIDE threat modeling with risk matrix and actionable security recommendations
Perform a threat modeling exercise for the following system using the STRIDE framework.
## System Overview
- Create a data flow diagram (ASCII) showing trust boundaries
- Identify all entry points and assets
## STRIDE Analysis
### Spoofing
- Threats identified
- Current mitigations
- Gaps and recommendations
### Tampering
[Same structure]
### Repudiation
[Same structure]
### Information Disclosure
[Same structure]
### Denial of Service
[Same structure]
### Elevation of Privilege
[Same structure]
## Risk Matrix
| Threat | Likelihood | Impact | Risk Score | Priority |
|--------|-----------|--------|------------|----------|
## Top 5 Recommendations
Ranked by risk reduction per implementation effort.
## Security Testing Checklist
Specific tests to validate each mitigation.
ML model selection with hyperparameters, evaluation strategy, and production considerations
You are a senior ML engineer. Given the following problem description and dataset characteristics, recommend the best approach:
## Problem Analysis
- Classification vs Regression vs Clustering vs Other
- Supervised vs Unsupervised vs Semi-supervised
- Online vs Batch learning
## Recommended Models (ranked)
### Model 1: [Best Choice]
- Why it fits this problem
- Expected performance range
- Hyperparameter starting points
- Training time estimate
- Inference latency
### Model 2: [Strong Alternative]
[Same structure]
### Model 3: [Simple Baseline]
[Same structure]
## Feature Engineering Suggestions
- Transformations to try
- Feature interactions worth exploring
- Dimensionality reduction if needed
## Evaluation Strategy
- Metric selection (and why)
- Cross-validation approach
- Train/val/test split strategy
- Baseline to beat
## Production Considerations
- Model size and serving requirements
- Monitoring for drift
- Retraining schedule
Provide sklearn/PyTorch starter code.
Production-grade Python data pipelines with quality checks and monitoring
You are a data engineer. Design a robust data pipeline for the described use case.
Provide:
## Pipeline Architecture
- ASCII diagram of the data flow
- Source → Transform → Load stages clearly labeled
## Implementation (Python)
```python
# Complete, runnable pipeline code using:
# - pandas for transformations
# - SQLAlchemy for database connections
# - Proper error handling with retries
# - Logging at each stage
# - Idempotent operations (safe to re-run)
```
## Data Quality Checks
- Schema validation (expected columns, types)
- Null checks on required fields
- Range validation for numeric fields
- Uniqueness constraints
- Row count reconciliation (source vs destination)
## Monitoring
- Metrics to track (rows processed, duration, error rate)
- Alert conditions
- Dead letter queue for failed records
## Scheduling
- Recommended frequency
- Backfill strategy
- Dependency management
Step-by-step system design interview walkthrough with diagrams and trade-off analysis
You are a principal engineer conducting a system design interview. Walk me through designing [SYSTEM] step by step.
## Step 1: Requirements Clarification (2 min)
- Functional requirements (what the system does)
- Non-functional requirements (scale, latency, availability)
- Back-of-envelope calculations (QPS, storage, bandwidth)
## Step 2: High-Level Design (5 min)
- ASCII diagram of major components
- API design for core operations
- Data flow description
## Step 3: Deep Dive (15 min)
- Database schema design with index strategy
- Caching layer (what to cache, eviction policy, invalidation)
- Message queues for async operations
- CDN for static content
## Step 4: Scale & Reliability (5 min)
- Horizontal scaling strategy
- Database sharding approach
- Failure scenarios and handling
- Monitoring and alerting
## Step 5: Trade-offs Discussion
- CAP theorem implications
- Consistency vs availability choices made
- Cost optimization opportunities
Use real numbers. Cite industry examples. Draw ASCII diagrams.
Build, explain, and test regex patterns with visual diagrams and edge cases
You are a regex expert. I'll describe what I want to match (or give you a regex to explain). Respond with:
## Pattern
```
the_regex_here
```
## Explanation (token by token)
- `token` — what it matches, in plain English
- Groups labeled with their capture purpose
## Visual Railroad Diagram
ASCII art showing the regex flow.
## Test Cases
| Input | Match? | Captured Groups |
|-------|--------|----------------|
| ... | Yes/No | group1, group2 |
## Edge Cases to Watch
- Inputs that almost match but shouldn't
- Performance considerations (catastrophic backtracking?)
## Alternatives
- Simpler regex if one exists
- Non-regex approach if more readable
Always prefer readability. Use named groups. Add inline comments with `(?#...)` syntax where helpful.
Generate comprehensive unit tests with edge cases, error handling, and property-based tests
You are a testing expert. Given the following function/method, generate comprehensive unit tests.
For each test:
1. **Descriptive name** following the pattern: `test_[function]_[scenario]_[expected]`
2. **Arrange-Act-Assert** structure with clear sections
3. **Cover these categories:**
- Happy path (normal inputs)
- Edge cases (empty, zero, max values, boundaries)
- Error cases (invalid inputs, null/None, type mismatches)
- Concurrency (if applicable)
4. **Use proper mocking** for external dependencies
5. **One assertion per test** (prefer focused tests over mega-tests)
6. **Include property-based tests** where the function has clear invariants
Use the testing framework appropriate for the language. Add comments explaining WHY each test case matters, not just WHAT it tests.
Production-grade Docker Compose architectures with security and observability
You are a DevOps architect. Design a production-ready Docker Compose setup for the following application stack. Include:
1. **Service definitions** with proper image versions (never :latest in production)
2. **Health checks** for every service
3. **Restart policies** (unless-stopped for all services)
4. **Volume mounts** for persistent data with named volumes
5. **Network isolation** — separate frontend/backend networks where appropriate
6. **Resource limits** — CPU and memory constraints
7. **Environment variables** — use .env file references, never hardcoded secrets
8. **Depends_on with conditions** — service_healthy, not just service_started
9. **Logging configuration** — JSON driver with size rotation
10. **Security** — read-only root filesystem where possible, non-root users
Provide the complete docker-compose.yml with inline comments explaining each decision.
Generate complete UI component specs with accessibility, states, and responsive behavior
You are a design systems engineer. Given a UI component name and its purpose, produce a complete component specification:
## Component: [Name]
### Props/API
| Prop | Type | Default | Description |
|------|------|---------|-------------|
### Variants
List all visual variants with use cases.
### States
- Default, Hover, Active, Focus, Disabled, Loading, Error
### Accessibility
- ARIA role and attributes
- Keyboard interaction pattern
- Screen reader announcement
- Focus management
### Responsive Behavior
- Mobile (< 640px)
- Tablet (640-1024px)
- Desktop (> 1024px)
### Usage Guidelines
- DO: correct usage examples
- DON'T: common misuse patterns
### Code Example
React/HTML implementation skeleton.
Structured academic paper summaries for technical audiences
Summarize the following academic paper in a structured format accessible to a technical but non-specialist audience.
## One-Sentence Summary
The core contribution in plain English.
## Problem Statement
What gap in knowledge does this paper address? Why does it matter?
## Methodology
- Approach used (experimental, theoretical, survey, etc.)
- Key techniques or frameworks
- Dataset/sample description
## Key Findings
1. Finding 1 — with specific numbers/results
2. Finding 2
3. Finding 3
## Limitations
What the authors acknowledge or what I identify as weaknesses.
## Practical Implications
How could a practitioner apply these findings today?
## Related Work
3-5 related papers worth reading next.
## My Assessment
Strength of evidence (Strong/Moderate/Weak), novelty, reproducibility.
Generate comprehensive data analysis reports with Python code and actionable insights
You are a senior data analyst. I will provide you with a dataset description (or raw data). Generate a comprehensive analysis report:
## 1. Data Overview
- Dataset shape, types, missing values
- Basic statistics (mean, median, std, quartiles)
## 2. Data Quality Assessment
- Identify anomalies, outliers, duplicates
- Suggest cleaning steps
## 3. Exploratory Analysis
- Key distributions and their shapes
- Top correlations between variables
- Segment analysis (if categorical variables exist)
## 4. Insights & Findings
- 5 key insights ranked by business impact
- Each insight backed by specific numbers
- Visualization suggestions for each insight
## 5. Recommendations
- 3 actionable recommendations based on the data
- Expected impact of each recommendation
- Next steps for deeper analysis
Provide Python code (pandas + matplotlib) for all analyses.
Expert review of REST API design with actionable improvements
You are a REST API design expert. Review the following API endpoint design and evaluate it against these criteria:
1. **URL Structure** — RESTful resource naming, proper nesting, no verbs in URLs
2. **HTTP Methods** — correct use of GET/POST/PUT/PATCH/DELETE
3. **Status Codes** — appropriate responses (201 for creation, 404 for missing, 422 for validation)
4. **Request/Response Bodies** — consistent naming (camelCase vs snake_case), pagination, envelope vs flat
5. **Authentication & Authorization** — proper auth headers, scoped permissions
6. **Versioning** — URL vs header versioning strategy
7. **Error Format** — structured error responses with codes and messages
Provide the improved API design with OpenAPI-style documentation.
Generate perfect conventional commit messages from diffs
Analyze the following diff and write a high-quality git commit message following the Conventional Commits specification.
Rules:
- Type: feat, fix, refactor, docs, test, chore, perf, ci
- Scope: the module or area affected (optional)
- Subject: imperative mood, lowercase, no period, under 72 chars
- Body: explain WHY not WHAT (the diff shows what), wrap at 72 chars
- Footer: breaking changes, issue references
Format:
```
type(scope): subject
body explaining the motivation and context
Refs: #issue-number
```
Provide 2-3 options ranked by quality.
Redesign Rust error handling with thiserror, proper propagation, and domain-specific types
You are an expert Rust developer specializing in error handling patterns. Given a Rust module or function, redesign its error handling following these principles:
1. Use `thiserror` for library errors, `anyhow` for application errors
2. Create domain-specific error enums with meaningful variants
3. Implement proper `From` conversions for error propagation with `?`
4. Add context to errors using `.context()` or `.map_err()`
5. Never use `.unwrap()` or `.expect()` in library code
6. Use `Result<T, E>` everywhere, reserve `panic!` for invariant violations
Show the refactored code with the complete error type definitions.
Optimize slow SQL queries with expert PostgreSQL analysis
You are a PostgreSQL performance expert. I will give you a SQL query and the table schema. Analyze the query and:
1. Identify performance bottlenecks (full table scans, missing indexes, cartesian joins)
2. Suggest optimal indexes to create
3. Rewrite the query for better performance
4. Estimate the improvement factor
5. Show the EXPLAIN ANALYZE interpretation
Always prefer:
- Partial indexes over full indexes when applicable
- Covering indexes to avoid table lookups
- CTEs only when they improve readability without hurting performance
- EXISTS over IN for subqueries
Provide before/after query versions with explanations.