#agentic-coding#broad-prompting#ai-development#meta-prompting#iterative-improvement
Agentic Coding with Broad Prompting: The Iterative Improvement Workflow
Your AI coding agent just said "I'm done!" with your implementation. But are you really done? Absolutely not. This is where most developers stop, and where smart developers start using broad prompting to push their AI beyond basic functionality into production-ready, bulletproof code.
This guide shows you the exact iterative workflow that transforms "working code" into "production-ready systems" using broad prompting and meta-prompting techniques.
Key insight: You can take ANY AI response and use meta-prompting to generate the perfect prompt for your next chat. This creates a continuous improvement cycle that keeps pushing your implementations deeper.
"The difference between code that works and code that works in production is about 10 rounds of 'what else could go wrong?'"
Table of Contents
- The Problem: AI Agents Stop Too Early
- The Iterative Improvement Workflow
- Phase 1: Initial Implementation
- Phase 2: Code Analysis & Issue Discovery
- Phase 3: Meta-Prompting for Fixes
- Phase 4: Production Readiness Check
- Phase 5: Expansion & Enhancement
- Real-World Examples
- Advanced Techniques
- Building Your Workflow
The Problem: AI Agents Stop Too Early
Here's what typically happens:
You: "Implement user authentication" / "Build a REST API" / "Create a file upload system"
AI Agent: "Here's your implementation! ✅ Done!"
You: "Great, thanks!" Ships to production
Production: 💥💥💥 Everything breaks
The problem? AI agents are optimistic finishers. They implement the happy path, declare victory, and move on. But production code needs to handle:
- Edge cases they didn't consider
- Security vulnerabilities they missed
- Performance issues they ignored
- Error scenarios they skipped
- Integration problems they overlooked
- Monitoring gaps they left
- Testing holes they created
This is where broad prompting saves the day.
The Iterative Improvement Workflow
The workflow has 6 phases that turn "working code" into "production code":
Phase 1: Initial Implementation
↓
Phase 2: Code Analysis & Issue Discovery
↓
Phase 3: Meta-Prompting for Fixes
↓
Phase 4: Production Readiness Check
↓
Phase 5: Feature Planning & Task Generation
↓
Phase 6: Expansion & Enhancement
Each phase uses specific broad prompting techniques to push deeper than the previous phase.
Phase 1: Initial Implementation
This is your standard coding agent interaction. Nothing special here—just get the basic feature working.
Examples:
Authentication System:
Implement user authentication for my web app. Include:
- User registration and login
- Password hashing
- JWT token generation
- Basic session management
File Upload API:
Build a file upload system that handles:
- Multiple file types (images, documents)
- File validation and storage
- Progress tracking
- Basic error responses
REST API:
Create a REST API for a blog application with:
- CRUD operations for posts
- User authorization
- Input validation
- JSON responses
AI Response: Implements basic functionality
AI: "Done! Your [feature] is ready."
You: "Cool, but we're just getting started..."
Phase 2: Code Analysis & Issue Discovery
This is where broad prompting starts. Instead of accepting "done," you audit the implementation.
The Codebase Analysis Prompt Template
Analyze my codebase for issues with this [FEATURE] implementation. Look for:
1. **Security Issues**
- Are credentials properly secured?
- Is input validation comprehensive?
- Are there any data exposure risks?
- What about authentication/authorization gaps?
2. **Error Handling Gaps**
- What happens when external services are down?
- How do we handle network failures?
- What about invalid user inputs?
- Are we handling all error types gracefully?
3. **Edge Cases**
- What unusual scenarios aren't handled?
- How do we deal with concurrent operations?
- What about rate limiting scenarios?
- Are boundary conditions covered?
4. **Integration Issues**
- How does this connect to existing systems?
- What about database consistency?
- Are there race conditions?
- How do we handle partial failures?
5. **Performance Problems**
- Are there unnecessary API calls or queries?
- Should we be caching anything?
- Are database operations optimized?
- What about memory usage?
6. **Monitoring & Observability**
- How do we track failures and errors?
- What metrics should we monitor?
- How do we debug issues in production?
- Are we logging enough information?
7. **Testing Gaps**
- What scenarios aren't tested?
- Are error conditions covered?
- What about integration tests?
- How do we test external dependencies?
Provide a detailed list of specific issues found in each category.
Example Analysis Results
Authentication System Issues:
Found 19 issues with your authentication implementation:
SECURITY ISSUES:
- Password reset tokens never expire
- No rate limiting on login attempts
- JWT secrets are hardcoded
- User sessions aren't invalidated on logout
ERROR HANDLING GAPS:
- No handling for email service failures
- Database connection errors crash the app
- Malformed JWT tokens cause 500 errors
- No graceful degradation for dependencies
EDGE CASES:
- Concurrent login attempts create duplicate sessions
- Password changes don't invalidate existing tokens
- Account verification emails aren't deduplicated
- No handling for email bounces
File Upload System Issues:
Found 15 issues with your file upload implementation:
SECURITY ISSUES:
- No file type validation beyond extensions
- Uploaded files aren't scanned for malware
- No size limits enforced server-side
- File paths are exposed in responses
PERFORMANCE PROBLEMS:
- Large files block the main thread
- No streaming upload support
- Thumbnails generated synchronously
- No CDN integration for serving files
REST API Issues:
Found 22 issues with your blog API implementation:
SECURITY ISSUES:
- No input sanitization for SQL injection
- API endpoints lack rate limiting
- Sensitive data returned in error messages
- No CORS policy configured
INTEGRATION ISSUES:
- Database transactions not used for related operations
- No pagination for large result sets
- Cascading deletes not handled properly
- Search functionality is inefficient
The beauty of this template is it works for any feature. Just replace [FEATURE] with whatever you're auditing—authentication, file uploads, APIs, payment processing, etc.
Converting Analysis to Action
After getting your list of issues, don't stop there. Use meta-prompting to generate the fix prompt:
Based on the issues you just identified, write a comprehensive prompt for the next chat to fix these problems systematically. The prompt should:
1. **Prioritize by Severity**
- Group critical, high, medium, and low priority issues
- Specify which to tackle first and why
2. **Provide Implementation Context**
- Include relevant code snippets and file references
- Explain the current architecture
- Note any constraints or requirements
3. **Structure the Work**
- Break into logical implementation phases
- Define dependencies between fixes
- Include verification steps for each fix
4. **Format for Copy-Paste**
- Create a complete prompt I can copy to a new chat
- Include all necessary context and instructions
- Make it actionable and specific
Write the complete fix prompt now.
Phase 3: Meta-Prompting for Fixes
Now comes the meta-prompting magic. Instead of manually fixing each issue, you generate a prompt for the next chat to handle the fixes systematically.
The Meta-Prompt Generator
Based on the issues you found, write a comprehensive prompt for the next chat to fix these Stripe implementation problems. The prompt should:
1. **Prioritize Issues**
- Group by severity (critical, high, medium, low)
- Specify which to fix first
- Explain the rationale for prioritization
2. **Provide Context**
- Include relevant code snippets
- Reference specific files and functions
- Explain the current architecture
3. **Specify Requirements**
- Detail what each fix should accomplish
- Include acceptance criteria
- Specify testing requirements
4. **Structure the Work**
- Break into logical phases
- Define dependencies between fixes
- Suggest verification steps
Write the complete prompt that I can copy-paste into a new chat to get these issues resolved systematically.
Example Generated Prompts
For Authentication System:
AUTHENTICATION SYSTEM FIX PROMPT
================================
Context: You're fixing a user authentication system that has 19 identified issues across security, error handling, and edge cases.
Current Architecture:
- Node.js Express API with JWT
- PostgreSQL user database
- Email service for verification
- Redis for session management
PHASE 1: CRITICAL SECURITY FIXES (Fix First)
-------------------------------------------
1. **Password Reset Security**
- Add expiration to password reset tokens (15 minutes)
- Implement rate limiting (5 attempts per hour per email)
- Invalidate tokens after use
- Add secure random token generation
2. **JWT Security**
- Move JWT secrets to environment variables
- Implement token rotation
- Add token blacklisting on logout
- Set appropriate expiration times
[... continues with detailed specifications]
For File Upload System:
FILE UPLOAD SYSTEM FIX PROMPT
=============================
Context: You're fixing a file upload system with 15 security and performance issues.
Current Architecture:
- Express.js with multer middleware
- Local file storage
- Basic validation
- Synchronous processing
PHASE 1: CRITICAL SECURITY FIXES
--------------------------------
1. **File Type Validation**
- Implement MIME type checking beyond extensions
- Add file content validation
- Create whitelist of allowed file types
- Add virus scanning integration
2. **File Size and Path Security**
- Enforce server-side size limits
- Sanitize file names and paths
- Prevent directory traversal attacks
- Implement secure file naming
[... continues with detailed specifications]
For REST API:
REST API SECURITY FIX PROMPT
===========================
Context: You're fixing a blog REST API with 22 security and performance issues.
Current Architecture:
- Express.js REST API
- PostgreSQL database
- Basic CRUD operations
- No authentication middleware
PHASE 1: CRITICAL SECURITY FIXES
--------------------------------
1. **SQL Injection Prevention**
- Replace string concatenation with parameterized queries
- Implement input sanitization
- Add ORM/query builder usage
- Test with SQL injection payloads
2. **Authentication and Authorization**
- Add JWT middleware to protected routes
- Implement role-based access control
- Add rate limiting per user/IP
- Secure sensitive endpoints
[... continues with detailed specifications]
Phase 4: Production Readiness Check
After the fixes are implemented, you do another broad prompting round to ensure production readiness.
The Production Readiness Audit
Is my Stripe implementation production ready? Audit it against these production criteria:
1. **Reliability**
- Can it handle 10,000 transactions per day?
- What happens during Stripe outages?
- Are there adequate retries and fallbacks?
- How resilient is it to failures?
2. **Security**
- Would this pass a security audit?
- Are we PCI DSS compliant?
- Is customer data properly protected?
- Are there any remaining vulnerabilities?
3. **Monitoring & Alerting**
- Can we detect issues immediately?
- What alerts should be set up?
- Are we tracking the right metrics?
- How do we monitor payment health?
4. **Maintainability**
- Is the code easy to debug?
- Are there adequate logs?
- Is documentation complete?
- Can new developers understand it?
5. **Compliance**
- Are we handling taxes correctly?
- Is financial reporting accurate?
- Are we meeting legal requirements?
- Is audit trail complete?
6. **Business Continuity**
- What's the disaster recovery plan?
- How do we handle data backups?
- What's the rollback strategy?
- Are there business impact considerations?
For each area, provide:
- Current status assessment
- Remaining gaps
- Specific action items
- Priority recommendations
Meta-Prompting for Production Gaps
After getting your production readiness assessment, generate the prompt to fix any remaining issues:
Based on your production readiness assessment, write a prompt for the next chat to address all remaining gaps. The prompt should:
1. **Focus on Production-Critical Items**
- Prioritize by business risk and impact
- Highlight must-fix vs nice-to-have items
- Consider deployment timeline constraints
2. **Include Deployment Context**
- Reference current production environment
- Note any infrastructure requirements
- Include monitoring and alerting needs
3. **Structure Implementation**
- Order tasks by dependencies and risk
- Include rollback plans for risky changes
- Define success criteria for each fix
4. **Add Verification Steps**
- Specify how to test each improvement
- Include performance benchmarks
- Define monitoring to validate fixes
Write a comprehensive prompt to make this production-ready.
Phase 5: Feature Planning & Task Generation
Sometimes you need to implement a new feature from scratch. Here's where broad prompting helps you plan the complete implementation before you start coding.
The Feature Planning Prompt
I want to implement [FEATURE] in my codebase. Before we start coding, analyze my current architecture and generate a comprehensive task list.
Current System Context:
- [Brief description of your current tech stack]
- [Key existing features/modules]
- [Database schema if relevant]
- [Authentication/authorization setup]
Feature Requirements:
- [What you want to build]
- [Key functionality needed]
- [Integration points with existing system]
Generate a detailed task list that includes:
1. **Architecture Planning**
- What components need to be created/modified?
- How does this integrate with existing code?
- What database changes are needed?
2. **Implementation Tasks**
- Break down into specific, actionable tasks
- Order tasks by dependencies
- Estimate complexity for each task
3. **Quality Assurance Tasks**
- What tests need to be written?
- What security considerations are there?
- What error handling is needed?
4. **Integration Tasks**
- How does this connect to existing features?
- What APIs or interfaces need updating?
- What migration scripts are needed?
5. **Documentation & Deployment**
- What documentation needs updating?
- What deployment steps are required?
- What monitoring should be added?
Format as a numbered task list that I can copy-paste into the next chat for implementation.
Example: Adding Real-Time Chat Feature
Your Prompt:
I want to implement real-time chat functionality in my existing SaaS application.
Current System:
- Next.js frontend with TypeScript
- Node.js Express API backend
- PostgreSQL database with user/project tables
- JWT authentication already implemented
- Currently handles team collaboration on projects
Feature Requirements:
- Real-time messaging between team members
- Chat rooms per project
- Message history and search
- File sharing in chat
- Online presence indicators
Generate a comprehensive task list for implementation.
AI Response:
REAL-TIME CHAT IMPLEMENTATION TASK LIST
=======================================
Copy this into your next chat for implementation:
PHASE 1: DATABASE & BACKEND SETUP
---------------------------------
1. Create chat database schema (messages, chat_rooms, participants tables)
2. Set up WebSocket server with Socket.io
3. Implement JWT authentication for WebSocket connections
4. Create chat room management API endpoints
5. Build message CRUD operations with pagination
6. Add file upload endpoint for chat attachments
7. Implement user presence tracking system
PHASE 2: REAL-TIME FUNCTIONALITY
--------------------------------
8. Set up WebSocket event handlers (join_room, send_message, typing_start/stop)
9. Implement real-time message broadcasting
10. Add typing indicators functionality
11. Build online/offline presence system
12. Create message delivery confirmation system
13. Add rate limiting for chat messages
PHASE 3: FRONTEND IMPLEMENTATION
-------------------------------
14. Create chat UI components (ChatWindow, MessageList, MessageInput)
15. Set up Socket.io client connection with auth
16. Implement real-time message rendering
17. Add typing indicators to UI
18. Build file upload/preview in chat
19. Create user presence indicators
20. Add message search functionality
PHASE 4: INTEGRATION & POLISH
-----------------------------
21. Integrate chat with existing project pages
22. Add push notifications for offline users
23. Implement message encryption for security
24. Create chat moderation tools
25. Add emoji/reaction support
26. Build chat export functionality
PHASE 5: TESTING & DEPLOYMENT
-----------------------------
27. Write unit tests for chat API endpoints
28. Create WebSocket connection tests
29. Add integration tests for real-time features
30. Performance test with multiple concurrent users
31. Set up monitoring for WebSocket connections
32. Deploy with load balancer configuration for WebSockets
DEPENDENCIES:
- Tasks 1-7 must complete before 8-13
- Tasks 14-20 can run parallel to backend work
- Tasks 21-26 require both backend and frontend completion
- Tasks 27-32 should run after core functionality is complete
ESTIMATED COMPLEXITY:
- High: Tasks 2, 8, 12, 23, 30
- Medium: Tasks 1, 9, 14, 21, 29
- Low: Tasks 15, 16, 19, 25, 31
Example: Adding Payment Processing
Your Prompt:
I want to add Stripe payment processing to my existing e-commerce platform.
Current System:
- React frontend with Redux
- Django REST API backend
- PostgreSQL with products/users/orders tables
- Basic order management already exists
- Email system for notifications
Feature Requirements:
- Credit card payments with Stripe
- Subscription billing for premium features
- Refund processing
- Payment history and invoicing
- Tax calculation integration
Generate a comprehensive implementation task list.
AI Response:
STRIPE PAYMENT INTEGRATION TASK LIST
====================================
Copy this into your next chat for implementation:
PHASE 1: STRIPE SETUP & BACKEND
-------------------------------
1. Set up Stripe account and get API keys
2. Install Stripe SDK and configure environment variables
3. Create payment-related database models (payments, subscriptions, invoices)
4. Build Stripe customer creation API endpoint
5. Implement payment intent creation for one-time payments
6. Set up subscription creation and management endpoints
7. Create webhook endpoint for Stripe events
8. Add payment method storage and management
PHASE 2: CORE PAYMENT FLOWS
---------------------------
9. Implement checkout session creation
10. Build payment confirmation handling
11. Add subscription upgrade/downgrade logic
12. Create refund processing functionality
13. Implement failed payment retry logic
14. Add proration calculations for plan changes
15. Build invoice generation system
PHASE 3: FRONTEND INTEGRATION
-----------------------------
16. Set up Stripe Elements for secure card input
17. Create checkout flow UI components
18. Build payment method management interface
19. Add subscription management dashboard
20. Implement payment history display
21. Create invoice download functionality
22. Add payment status indicators throughout app
PHASE 4: ADVANCED FEATURES
--------------------------
23. Integrate tax calculation service (Stripe Tax or TaxJar)
24. Add multi-currency support
25. Implement dunning management for failed payments
26. Create payment analytics dashboard
27. Add promotional codes and discounts
28. Build payment dispute handling
PHASE 5: SECURITY & COMPLIANCE
------------------------------
29. Implement webhook signature verification
30. Add PCI compliance measures
31. Create payment audit logging
32. Set up fraud detection rules
33. Add rate limiting for payment endpoints
34. Implement proper error handling and user messaging
PHASE 6: TESTING & MONITORING
-----------------------------
35. Write unit tests for payment logic
36. Create integration tests with Stripe test mode
37. Add end-to-end payment flow tests
38. Set up payment monitoring and alerting
39. Create payment reconciliation reports
40. Load test payment processing
CRITICAL DEPENDENCIES:
- Complete tasks 1-8 before starting frontend work
- Tasks 23-28 require core payment flows (9-15) to be complete
- Security tasks (29-34) should be implemented alongside core features
- Testing (35-40) should happen throughout development
HIGH-PRIORITY TASKS:
- Tasks 7, 29, 30, 33 (security-critical)
- Tasks 10, 13, 38 (business-critical)
- Tasks 16, 17, 18 (user experience-critical)
Converting Task Lists to Implementation Prompts
Don't just copy-paste the task list into your next chat. Use meta-prompting to create a comprehensive implementation prompt:
Based on this task list you just created, write a detailed implementation prompt for the next chat that will guide an AI coding agent through building this feature. The prompt should:
1. **Provide Complete Context**
- Include all necessary background about the existing system
- Reference the task list with phase-by-phase breakdown
- Specify the tech stack and architecture constraints
2. **Structure the Implementation**
- Break down into clear implementation phases
- Specify which tasks can be done in parallel
- Include dependencies and prerequisites for each phase
3. **Add Technical Specifications**
- Include API endpoint specifications where relevant
- Define database schema requirements
- Specify UI/UX requirements and wireframes needed
4. **Include Quality Gates**
- Define testing requirements for each phase
- Specify security requirements and validation
- Include performance benchmarks and monitoring
5. **Format for Execution**
- Create actionable, step-by-step instructions
- Include code examples and patterns to follow
- Specify deliverables and success criteria
Write the complete implementation prompt that I can use in the next chat to build this feature systematically.
This gives you a much more detailed and actionable prompt than just the raw task list.
Phase 6: Expansion & Enhancement
After you've planned and implemented your feature, the final broad prompting phase explores what else could be added or improved.
The Enhancement Discovery Prompt
What else should we add to this Stripe implementation to make it truly world-class? Consider:
1. **Business Features**
- What payment features are we missing?
- What would improve customer experience?
- What would reduce support burden?
- What analytics would be valuable?
2. **Technical Improvements**
- What would make this more scalable?
- What would improve performance?
- What would reduce maintenance overhead?
- What would improve reliability?
3. **Integration Opportunities**
- What other systems should connect?
- What data should be synchronized?
- What workflows could be automated?
- What reporting could be enhanced?
4. **Future-Proofing**
- What Stripe features are coming?
- What business model changes might we need?
- What scaling challenges should we prepare for?
- What technical debt should we address?
Prioritize suggestions by:
- Business impact
- Implementation effort
- Technical risk
- Strategic value
Provide specific implementation recommendations for the top 5 suggestions.
Meta-Prompting for Enhancement Implementation
After getting enhancement suggestions, create implementation prompts for the most valuable ones:
Based on your enhancement recommendations, select the top 3 suggestions and write implementation prompts for each. For each enhancement, create a prompt that includes:
1. **Business Justification**
- Why this enhancement adds value
- Expected ROI or user impact
- Success metrics to track
2. **Technical Implementation Plan**
- Architecture changes required
- Integration points with existing system
- Potential risks and mitigation strategies
3. **Resource Requirements**
- Development time estimates
- Skill requirements
- Infrastructure or tool needs
4. **Implementation Phases**
- Break into milestone-based phases
- Define MVP vs full implementation
- Include user feedback collection points
Format each as a complete prompt I can use in separate chats to implement these enhancements.
Real-World Examples
Example 1: E-commerce Checkout Flow
Phase 1: Initial Implementation
You: "Implement checkout flow with Stripe"
AI: "Done! Here's your checkout system."
Phase 2: Issue Discovery
You: "Analyze my checkout implementation for issues..."
AI: "Found 18 issues including: no inventory checking during payment, no handling for expired carts, missing fraud detection, no guest checkout option..."
Phase 3: Meta-Prompting
You: "Based on these issues, write a comprehensive prompt for the next chat to fix these problems systematically..."
AI: "CHECKOUT SYSTEM FIX PROMPT: Context: You're fixing an e-commerce checkout with 18 identified issues... PHASE 1: Critical Security Fixes..."
*You copy-paste to new chat*
Phase 4: Production Check
You: "Is my checkout flow production ready?"
AI: "Mostly yes, but you need: load balancing for payment processing, better error recovery, additional fraud checks..."
Phase 5: Enhancement
You: "What else should we add to this checkout?"
AI: "Consider: one-click reorders, abandoned cart recovery, multiple payment methods, international currency support..."
Example 2: SaaS Subscription Management
Phase 1: Initial Implementation
You: "Build subscription management with Stripe billing"
AI: "Here's your subscription system with basic plans and billing."
Phase 2: Issue Discovery
You: "Audit this subscription system for production issues..."
AI: "Critical issues found: no dunning management, missing proration logic, no plan change restrictions, inadequate webhook handling..."
Phase 3: Meta-Prompting
You: "Based on these issues, write a comprehensive prompt for the next chat to fix these subscription problems systematically..."
AI: "SUBSCRIPTION SYSTEM FIX PROMPT: Context: You're fixing a SaaS subscription system with critical billing and webhook issues... Phase 1: Critical billing fixes..."
*You copy-paste to new chat*
Phase 4: Production Check
You: "Is this subscription system ready for 10k+ customers?"
AI: "Scale issues detected: webhook processing bottleneck, missing usage tracking, inadequate reporting..."
Phase 5: Enhancement
You: "What advanced features should we add?"
AI: "Priority features: usage-based billing, enterprise plans, self-service portal, advanced analytics..."
Example 3: Marketplace Payment Processing
Phase 1: Initial Implementation
You: "Implement marketplace payments with Stripe Connect"
AI: "Here's your marketplace payment system with vendor payouts."
Phase 2: Issue Discovery
You: "What's wrong with this marketplace implementation?"
AI: "Major gaps: no KYC verification flow, missing tax handling, no dispute management, inadequate vendor onboarding..."
Phase 3: Meta-Prompting
You: "Based on these gaps, write a comprehensive prompt for the next chat to fix these marketplace issues systematically..."
AI: "MARKETPLACE PAYMENT FIX PROMPT: Context: You're fixing a marketplace payment system with KYC, tax, and compliance gaps... Critical: KYC compliance, tax calculation..."
*You copy-paste to new chat*
Phase 4: Production Check
You: "Can this handle a real marketplace with hundreds of vendors?"
AI: "Scaling concerns: payout processing bottlenecks, reporting limitations, compliance gaps..."
Phase 5: Enhancement
You: "What would make this a world-class marketplace platform?"
AI: "Advanced features: instant payouts, multi-currency support, advanced fraud detection, vendor analytics dashboard..."
Advanced Techniques
Technique 1: The Perspective Rotation
Ask different expert personas to audit your code:
Audit my Stripe implementation from these expert perspectives:
**Security Expert**: What vulnerabilities exist?
**Performance Engineer**: What will break under load?
**DevOps Engineer**: What will cause production issues?
**Compliance Officer**: What regulatory issues exist?
**Support Manager**: What will create support tickets?
**Business Analyst**: What business requirements are missing?
For each perspective, provide specific findings and recommendations.
Technique 2: The Failure Mode Analysis
Systematically explore what could go wrong:
Perform a failure mode analysis on my Stripe integration:
1. **Payment Failures**
- What happens when cards are declined?
- How do we handle insufficient funds?
- What about expired cards?
2. **System Failures**
- What if our database is down?
- How do we handle Stripe API outages?
- What about network connectivity issues?
3. **Data Corruption**
- What if webhook data is malformed?
- How do we handle duplicate events?
- What about missing webhook events?
4. **Security Breaches**
- What if API keys are compromised?
- How do we handle payment data breaches?
- What about webhook endpoint attacks?
For each failure mode, specify detection, mitigation, and recovery strategies.
Technique 3: The Scale Stress Test
Push your implementation to its limits:
Stress test my Stripe implementation for scale:
**Current Scale**: 100 transactions/day
**Target Scale**: 10,000 transactions/day
What breaks when we scale 100x?
1. **Database Performance**
- Which queries become bottlenecks?
- What indexes are needed?
- Where do we need caching?
2. **API Rate Limits**
- Do we hit Stripe rate limits?
- How do we handle backpressure?
- What retry strategies are needed?
3. **Webhook Processing**
- Can we process webhooks fast enough?
- What happens during traffic spikes?
- Do we need queue processing?
4. **Memory and CPU**
- What are the resource requirements?
- Where are memory leaks likely?
- What processes need optimization?
Provide specific scaling solutions for each bottleneck.
Technique 4: The Compliance Deep Dive
Ensure your implementation meets all requirements:
Audit my Stripe implementation for compliance requirements:
**PCI DSS Compliance**
- Are we handling card data correctly?
- What PCI requirements apply to our setup?
- Are there any compliance gaps?
**Financial Regulations**
- Are we meeting tax reporting requirements?
- What about anti-money laundering rules?
- Are there jurisdiction-specific requirements?
**Data Protection**
- Are we GDPR compliant for EU customers?
- What about CCPA for California residents?
- How do we handle data deletion requests?
**Business Compliance**
- Are our terms of service adequate?
- What about refund policy compliance?
- Are we meeting marketplace regulations?
For each area, specify current status, gaps, and remediation steps.
Building Your Workflow
Daily Practice
Morning Code Review:
Yesterday I implemented [feature]. Audit it for production issues and create a fix prompt for any problems found.
End-of-Day Check:
Is this [feature] ready to ship? What else needs to be done before it's production-ready?
Weekly Deep Dives
Architecture Review:
Analyze my current codebase architecture. What technical debt is accumulating? What patterns should be refactored? Create a prioritized improvement plan.
Security Audit:
Perform a security audit of my application. What vulnerabilities exist? What attack vectors am I missing? Generate a security improvement roadmap.
Project Milestones
Pre-Launch Audit:
We're launching [feature] next week. Perform a comprehensive production readiness audit covering performance, security, reliability, and monitoring. What could go wrong in production?
Post-Launch Enhancement:
[Feature] has been live for a month. Based on usage patterns and feedback, what improvements should we prioritize? What new capabilities should we add?
The Template Library
Save these prompts for reuse:
Generic Issue Analysis:
Analyze my [system/feature] implementation for issues in these areas:
- Security vulnerabilities
- Error handling gaps
- Edge cases
- Performance problems
- Integration issues
- Monitoring gaps
- Testing coverage
Provide specific findings with code references and severity ratings.
Meta-Prompt Generator (Universal):
Based on the [analysis/suggestions/task list] you just provided, write a comprehensive prompt for the next chat to [fix these issues/implement this plan/build these enhancements]. The prompt should:
1. **Provide Complete Context**
- Include current system architecture and constraints
- Reference all relevant findings and recommendations
- Specify tech stack and integration requirements
2. **Structure the Work**
- Break into logical phases with dependencies
- Prioritize by risk, impact, and effort
- Include parallel work opportunities
3. **Define Success Criteria**
- Specify testing and validation requirements
- Include performance and security benchmarks
- Define deliverables and acceptance criteria
4. **Format for Implementation**
- Create actionable, step-by-step instructions
- Include code examples and patterns to follow
- Make it copy-pasteable for the next chat
Write the complete implementation prompt now.
Production Readiness Check:
Is my [system/feature] production ready? Audit against:
- Reliability and fault tolerance
- Security and compliance
- Performance and scalability
- Monitoring and observability
- Maintainability and documentation
Identify gaps and provide specific action items.
Then: Use the Meta-Prompt Generator to create an implementation prompt for addressing any gaps.
Enhancement Discovery:
What else should we add to this [system/feature] to make it world-class? Consider business value, technical improvements, and future-proofing. Prioritize by impact and effort.
Then: Use the Meta-Prompt Generator to create implementation prompts for the top 3 enhancements.
Mastery Checklist
You've mastered the iterative improvement workflow when you:
- ✅ Never Accept "Done": Always probe deeper with broad prompting
- ✅ Systematically Find Issues: Use structured auditing prompts
- ✅ Master Meta-Prompting: Turn ANY AI response into the next perfect prompt
- ✅ Generate Implementation Prompts: Create comprehensive prompts for systematic work
- ✅ Validate Production Readiness: Thoroughly check before deployment
- ✅ Plan Complete Features: Generate detailed task lists and implementation prompts
- ✅ Continuously Enhance: Keep exploring what else could be improved
- ✅ Build Template Libraries: Reuse proven prompting patterns
- ✅ Think Like an Attacker: Consider failure modes and edge cases
- ✅ Create Continuous Loops: Chain prompts together for ongoing improvement
Your Action Plan
- Start Today: Pick one recent AI implementation and run it through the 5-phase workflow
- Build Your Templates: Save the prompts that work best for your context
- Make It Habit: Never ship code without running the production readiness check
- Share Your Findings: Document the issues you find and solutions you implement
- Iterate and Improve: Refine your workflow based on what you learn
Remember: The difference between code that works in your dev environment and code that works in production is usually about 10 rounds of "what else could go wrong?"
Your AI agent will stop at "it works." But you shouldn't stop until it's bulletproof.
Want to master more advanced AI techniques? Check out our Meta Prompting Masterclass and Advanced Prompt Engineering guide.
