Skip to content

PromptScript

The Prompt-as-Code for AI Instructions

Standardize, audit, and deploy instructions across any AI coding assistant.

Get Started Try Playground GitHub

project.prs
Just 5 lines!
prs compile
Awaiting compilation...
Copilot 4 files Claude 3 files Cursor 2 files
instructions.md review.prompt migrate.prompt security.skill
.github/copilot-instructions.md 
# Checkout Service

← inherited from @acme/platform-standards

## Project
Expert Fullstack Engineer.

## Tech Stack
TypeScript 5.x · Node 20+ · PostgreSQL

## Standards
 Strict mode, no `any`
 Zod for validation
 API: https://api.acme.io

## Security
 Never log PII/card data
 Parameterized SQL only
.github/prompts/review.prompt.md 
---
mode: agent
tools: [codebase, terminal]
description: Security code review
---

Perform security-focused code review.

Check for:
• SQL injection vulnerabilities
• XSS attack vectors
• Exposed secrets/API keys
• Input validation gaps
.github/prompts/migrate.prompt.md 
---
mode: agent
tools: [terminal, codebase]
description: Database migration
---

Generate Prisma migration safely.

Steps:
1. Analyze schema changes
2. Generate migration file
3. Review for data loss
4. Create rollback plan
.github/copilot-skills/security.md 
---
name: security-audit
description: Audit for vulnerabilities
---

# Security Audit Skill

Scan for:
• OWASP Top 10 issues
• Hardcoded credentials
• Insecure dependencies
• Missing input sanitization
CLAUDE.md review.skill migrate.skill
CLAUDE.md 
# Checkout Service

← @acme/platform-standards

## Project
Expert Fullstack Engineer.

## Tech TypeScript · Hexagonal · DDD

## API https://api.acme.io

## Commands
/review Security code review
/test Write vitest tests
/migrate DB migration helper

## Don'ts
 Don't use `any` - use Zod
 Don't log payment data
 Don't skip validation
.claude/skills/review.md 
---
name: review
description: Security code review
---

Perform security-focused review.

Focus areas:
• Authentication flows
• Data validation
• Error handling
• Secrets management
.claude/skills/migrate.md 
---
name: migrate
description: Database migration
---

Help with Prisma migrations.

Capabilities:
• Schema diff analysis
• Migration generation
• Rollback scripts
• Data preservation
checkout.mdc security.mdc
.cursor/rules/checkout.mdc 
---

description: Checkout Service
globs: ["src/**/*.ts"]
alwaysApply: true
---

# Checkout Service
← @acme/platform-standards

## Project
Expert Fullstack Engineer.

## Stack
TypeScript 5.x · Node 20+ · Prisma

## API https://api.acme.io

## Rules
 Strict mode, no `any`
 Zod validation on inputs
 90% test coverage

## Security
 Never log PII or card data
 Parameterized queries only
.cursor/rules/security.mdc 
---
description: Security audit skill
globs: ["src/**/*.ts"]
---

# Security Audit

Scan for vulnerabilities:

• SQL injection risks
• XSS attack vectors
• Hardcoded secrets
• Missing input validation
• Insecure dependencies
• IDOR vulnerabilities

Why PromptScript?

Enterprise-grade features for managing AI instructions at scale

1,100+ Ready Configurations

Official registry with templates for React, Vue, Node, Python, Rust, Go. Inherit from @stacks/react and start coding in seconds.

Hierarchical Inheritance

Structure instructions like code. Inherit from @company/backend-security, compose with @use @fragments/testing.

Enterprise Governance

CISO-approved standards propagate to 100+ repos. Audit trails, version control, and policy enforcement built-in.

One Source, 4+ AI Tools

Write once, compile to GitHub Copilot, Claude Code, Cursor, and Antigravity. Switch vendors without rewriting.

Parameterized Templates

Create reusable templates with {{projectName}} variables. Like infrastructure-as-code for AI instructions.

Registry & Sharing

Host standards in your own Git repo. Run prs pull to sync latest configs across all projects instantly.

The Problem: Prompt Drift

As you scale AI tools across your organization, chaos emerges

Scale Problem

Updating a security policy across 100 microservices takes weeks of manual PRs. One change = 100 commits.

Model Volatility

New models require different prompting strategies. You shouldn't rewrite 1000 files when a model upgrades.

Governance Void

No audit trail. Junior devs miss critical security context. Unvetted instructions everywhere.

⚠️ Result: Inconsistent code quality, security risks, and operational chaos.

The Solution: PromptOps

Treat your AI instructions as managed infrastructure — compiled, validated, and deployed

flowchart TB
    subgraph org["🏢 Organization Registry"]
        direction TB
        OrgSec["@company/security<br/>(CISO approved)"]
        OrgTS["@company/typescript<br/>(Platform team)"]
        OrgJava["@company/java<br/>(Platform team)"]
    end

    subgraph teams["👥 Team Standards"]
        direction TB
        Backend["@backend/standards"]
        Frontend["@frontend/standards"]
        Data["@data/standards"]
    end

    subgraph projects["📦 Project Repos (100+)"]
        direction TB
        P1["checkout-service/.prs"]
        P2["user-api/.prs"]
        P3["dashboard/.prs"]
        Pn["...more repos"]
    end

    OrgSec --> Backend & Frontend & Data
    OrgTS --> Backend & Frontend
    OrgJava --> Data

    Backend --> P1 & P2
    Frontend --> P3
    Data --> Pn

    subgraph compile["⚙️ prs compile"]
        Compiler
    end

    P1 & P2 & P3 --> Compiler

    Compiler --> Copilot["GitHub Copilot"]
    Compiler --> Claude["Claude Code"]
    Compiler --> Cursor["Cursor"]
    Compiler --> Antigravity["Antigravity"]
    Compiler --> Other["Other Tools..."]
    Compiler --> CI["CI/CD Audit"]

See It In Action

Write once, compile to all major AI tools

@meta { id: "checkout-service" syntax: "1.0.0" }

@inherit @company/backend-standards

@identity {
  """
  You are an expert Fullstack Engineer working on the Checkout Service.
  This service handles payments using hexagonal architecture.
  """
}

@standards {
  typescript: [
    "Strict mode enabled",
    "Never use any type"
  ]
  testing: [
    "Use vitest as test framework",
    "Maintain 90% code coverage"
  ]
}

@restrictions {
  - "Never expose API keys in code"
  - "Never skip input validation"
}

@shortcuts {
  "/review": "Security-focused code review"
  "/test": "Write unit tests with Vitest"
}

@skills {
  security-audit: {
    description: "Audit code for vulnerabilities"
    content: "Check for: SQL injection, XSS, IDOR, PII leaks."
  }
}

Try in Playground

Generated file tree: 

.github/
├── copilot-instructions.md
├── prompts/
│   ├── review.prompt.md
│   └── test.prompt.md
└── copilot-skills/
    └── security-audit.md

.github/copilot-instructions.md 

# GitHub Copilot Instructions

> Auto-generated from project.prs

## Project
You are an expert Fullstack Engineer working on the Checkout Service.
This service handles payments using hexagonal architecture.

## Code Standards
- TypeScript: strict mode, no `any` types
- Testing: vitest, 90% coverage

## Restrictions
- Never expose API keys in code
- Never skip input validation

<!-- Inherited from @company/backend-standards -->

.github/prompts/review.prompt.md 

---
mode: agent
description: Security-focused code review
---

Perform a security-focused code review on the selected code.
Check for: SQL injection, XSS, IDOR, PII leaks.

.github/prompts/test.prompt.md 

---
mode: agent
description: Write unit tests with Vitest
---

Write comprehensive unit tests for the selected code using Vitest.
Target coverage: 90%.

.github/copilot-skills/security-audit.md 

---
name: security-audit
description: Audit code for vulnerabilities
---

# Security Audit Skill

Check for: SQL injection, XSS, IDOR, PII leaks.

Generated file tree: 

CLAUDE.md
.claude/
└── skills/
    ├── review.md
    ├── test.md
    └── security-audit.md

CLAUDE.md 

# CLAUDE.md

## Project
You are an expert Fullstack Engineer working on the Checkout Service.
This service handles payments using hexagonal architecture.

## Code Style
- Strict TypeScript, no `any`
- Testing: vitest, >90% coverage

## Don'ts
- Don't expose API keys in code
- Don't skip input validation

## Commands
/review - Security-focused code review
/test - Write unit tests with Vitest

.claude/skills/review.md 

---
name: review
description: Security-focused code review
---

Perform a security-focused code review.
Check for: SQL injection, XSS, IDOR, PII leaks.

.claude/skills/test.md 

---
name: test
description: Write unit tests with Vitest
---

Write comprehensive unit tests using Vitest.
Target coverage: 90%.

.claude/skills/security-audit.md 

---
name: security-audit
description: Audit code for vulnerabilities
---

Check for: SQL injection, XSS, IDOR, PII leaks.

Generated file tree: 

.cursor/
└── rules/
    ├── checkout-service.mdc
    └── security-audit.mdc

.cursor/rules/checkout-service.mdc 

---
description: Checkout Service standards
globs: ["src/**/*.ts"]
alwaysApply: true
---

You are working on the Checkout Service.
This service handles payments using hexagonal architecture.

## Code Style
- TypeScript: strict mode, no `any`
- Testing: vitest, 90% coverage

## Never
- Expose API keys in code
- Skip input validation

.cursor/rules/security-audit.mdc 

---
description: Security audit skill
globs: ["src/**/*.ts"]
---

# Security Audit

Check for: SQL injection, XSS, IDOR, PII leaks.

Generated file tree: 

.agent/
└── rules/
    ├── checkout-service.md
    └── security-audit.md

.agent/rules/checkout-service.md 

---
description: Checkout Service standards
activation: always
---

You are working on the Checkout Service.
This service handles payments using hexagonal architecture.

## Code Style
- TypeScript: strict mode, no `any`
- Testing: vitest, 90% coverage

## Never
- Expose API keys in code
- Skip input validation

.agent/rules/security-audit.md 

---
description: Security audit skill
activation: manual
---

# Security Audit

Check for: SQL injection, XSS, IDOR, PII leaks.

Ready to Standardize Your AI Instructions?

Join engineering teams using PromptScript to manage AI context at scale

Get Started Try Playground View on GitHub