Prompting Strategies
Why Prompting Matters
The same task can produce wildly different results depending on how you phrase your request. Learning to write effective prompts is a skill that transfers across every AI tool — and it compounds. Better prompts → better code → less time debugging AI output.
The Core Principle: Context is Everything
AI tools generate the most probable continuation of what you've given them. More relevant context = better probability distribution = better output.
❌ Vague:
"Write a login function"
✅ Specific:
"Write a login function in Express.js that:
- Accepts email and password in the request body
- Uses bcrypt to compare the password against a hashed value from MongoDB
- Returns a JWT token signed with process.env.JWT_SECRET on success
- Returns 401 with { error: 'Invalid credentials' } on failure"
Techniques That Work
1. Describe Input → Output
For functions, describe exactly what goes in and what comes out:
"Write a function that takes an array of product objects
{ id, name, price, category } and returns an object grouped
by category, where each key is a category name and the value
is an array of products in that category."
2. Show an Example
Examples anchor the AI to your exact format:
"Format this date string into a human-readable label.
Input: '2024-01-15T10:30:00Z'
Output: 'January 15, 2024 at 10:30 AM'"
3. State Constraints Explicitly
"Refactor this function to use async/await.
Constraints:
- Don't change the function signature
- Keep error handling behavior identical
- Don't add new dependencies"
4. Give It the Error
When debugging, paste the full error — don't summarize it:
❌ "My app crashes when I try to log in"
✅ "Getting this error when I POST to /api/auth/login:
MongooseError: Operation `users.findOne()` buffering timed out after 10000ms
at Timeout.<anonymous> (/app/node_modules/mongoose/lib/helpers/promiseOrCallback.js:41:21)
The database connects on startup without errors."
5. Reference Existing Patterns
Point to code that already exists in your project:
"Write a new route handler for POST /api/comments.
Follow the same pattern as the existing POST /api/posts handler
in routes/posts.js, including the same error handling and
validation approach."
This produces code that matches your codebase's style — far more useful than generic output.
6. Ask for Explanation First
For complex problems, ask it to explain its approach before writing code:
"I need to implement rate limiting per user (not just per IP)
in my Express API. Before writing code, explain the approach
you'd use and what trade-offs are involved."
Review the approach, correct it if needed, then ask for the implementation.
7. Iterate Don't Retry
When output is wrong, explain specifically what's wrong:
❌ "That's wrong, try again"
✅ "This is close, but the groupBy function fails when a product
has no category. It should put uncategorized products in
an 'Other' group."
Task-Specific Prompts
Writing Tests
"Write Jest unit tests for the `calculateDiscount` function in
pricing.js. Include tests for:
- 10% discount when order total > $100
- 20% discount for premium users (user.tier === 'premium')
- No discount for orders under $100
- Edge case: discount should not reduce price below $0"
Code Review
"Review this Express middleware for security issues. Focus on:
- Input validation gaps
- Authentication and authorization flaws
- Potential injection vulnerabilities
- Sensitive data exposure"
Debugging
"This function is supposed to return unique values, but it's
returning duplicates. Walk me through why and how to fix it:
[paste code]
Test case that fails:
Input: [1, 2, 2, 3, 1]
Expected: [1, 2, 3]
Got: [1, 2, 2, 3, 1]"
Refactoring
"Refactor this function for readability. Current issues:
- Variable names are unclear (x, temp, arr2)
- Nested ternaries are hard to follow
- Side effect inside the map() is unexpected
Keep the same logic and return value."
Learning Something New
"I understand how useState works in React. Explain useReducer
to me using the same mental model — what's equivalent to state,
what's equivalent to setState, and when would I choose it
over useState?"
Building on what you already know produces explanations you can actually use.
Common Mistakes
Being too vague
The AI fills in gaps with its best guess — which may not match your codebase or requirements. Specify the framework, library versions, and desired behavior.
Accepting output without reading it
AI generates plausible-looking code that can be subtly wrong. Always read the output before running it, especially for security-sensitive code.
One giant prompt
Break complex tasks into steps. Get the architecture right first, then implement piece by piece. Long single prompts produce coherent-sounding but inconsistent output.
Ignoring follow-up questions
Good AI tools ask clarifying questions when requirements are ambiguous. Answer them specifically — vague answers produce vague code.
Using AI for everything
AI is a bad fit for:
- Deep algorithmic thinking that requires mathematical proof
- Novel research problems with no established solutions
- Understanding code you wrote yourself (read it)
- Security reviews of critical systems (get a human)
Verifying AI Output
For any AI-generated code that goes into production:
- Read every line — don't just run it
- Check edge cases — what happens with null, empty arrays, 0, very large values?
- Test it — write tests that cover the stated behavior
- Check dependencies — are the packages it uses real and maintained?
- Look for security issues — injection, missing validation, hardcoded secrets
- Understand it — if you can't explain what it does, you're not ready to ship it