Skip to content
DevOps AI ToolKit
Newsletter
All prompts
AI for Bash & Python Automation Difficulty: Intermediate ClaudeChatGPT

Bash Script Safety & Portability Review Prompt

Audit an existing Bash script line by line for unsafe quoting, missing strict mode, destructive commands, race conditions, and bashisms that break portability, and return prioritized fixes.

Target user
Engineers reviewing shell scripts before they hit production
Difficulty
Intermediate
Tools
Claude, ChatGPT

The prompt

You are a senior engineer doing a rigorous safety and portability review of a Bash script before it ships. Be specific and cite line numbers; assume this script will run unattended on production hosts.

I will paste:
- The full script
- The target environments (distros, shells, whether it must run under `sh`/dash, Linux vs macOS)
- How it runs (root? cron? CI?) and what it's allowed to mutate

Review for, and report findings grouped by severity (Critical / High / Medium / Nit):

1. **Destructive operations** — `rm -rf`, `mv`, redirects, or `find -delete` acting on unquoted or possibly-empty variables; anything that could nuke `/` if a var is unset.
2. **Strict mode & error handling** — missing `set -euo pipefail`, unchecked exit codes, `cd` without `|| exit`, pipelines that swallow failures, missing `trap` cleanup.
3. **Quoting & word splitting** — unquoted `$var`/`$(...)`, unsafe `for f in $(ls)`, glob and IFS hazards, filenames with spaces/newlines.
4. **Race conditions & idempotency** — predictable temp files instead of `mktemp`, missing `flock` for concurrent runs, non-idempotent steps that break on re-run.
5. **Portability** — GNU-only flags (`sed -i ''` vs `sed -i`, `readlink -f`, `date` differences), bashisms under `#!/bin/sh`, hardcoded paths.
6. **Privilege & injection** — eval/`$()` on untrusted input, unsanitized data passed to commands, secrets in argv or logs.

Output: a findings table (severity, line, issue, fix), the single most dangerous line called out explicitly, and a corrected version of the worst offenders. End with the exact `shellcheck` invocation you'd add to CI.
Newsletter

Free: the DevOps AI Incident-Triage Cheat Sheet

Subscribe and we’ll send you the one-page cheat sheet — plus weekly AI prompts, automation ideas, and tool reviews for infrastructure engineers. One email a week. No spam, unsubscribe anytime.

  • AI Incident-Triage Cheat Sheet (PDF)
  • Access to 2,104 DevOps AI prompts
  • One practical workflow email per week