Architecture Overview

This section describes how Manicode prompts are structured, how they interact with LLMs, and where trust boundaries exist.

What Manicode Prompts Are

A Manicode prompt is a markdown file containing a system prompt — the instruction text that configures an LLM's behavior before any user interaction. Each prompt defines:

A role identity — what the LLM should act as (e.g., a security-focused Django developer)
Behavioral constraints — rules the LLM must follow (e.g., always use parameterized queries)
Domain knowledge — framework-specific security patterns, vulnerability classes, and remediation approaches
Output expectations — how responses should be structured

Prompts are passive artifacts. They contain no executable code, make no API calls, and have no runtime dependencies. They are plain text files that you feed to an LLM as the system instruction.

Prompt Lifecycle

Stages

Selection — A prompt file is chosen based on the user's framework, language, or use case.
Injection — The prompt content is set as the system prompt (or custom instructions) in the LLM interface, IDE, or API call.
Inference — The LLM processes user input in the context of the system prompt and generates a response.
Validation (optional) — For high-assurance workflows, a validation prompt (from the Validation Prompts category) can evaluate the output for security violations, policy breaches, or hallucinated content.

Prompt Categories and Their Relationships

Code Security Prompts produce secure code. They are the primary output-generating prompts.
Validation Prompts check inputs and outputs. They are guard prompts that sit on either side of a code generation or user interaction flow.
Security Assessment Prompts cover code review, penetration testing, and threat modeling. Their findings inform which code security prompts and validation guards to deploy.
Compliance Prompts map organizational controls to regulatory frameworks. Their output identifies engineering tasks that code security prompts help implement.
AI Coding Requirements Prompts transform raw project context into structured specifications before code generation begins.
Workforce Prompts provide professional personas. They are composable with other categories (e.g., a Security Architect persona running a threat modeling session).

Trust Boundaries

What You Control

Prompt content — You select, review, and version-control the prompt files. Changes go through your standard code review process.
Deployment configuration — You decide where prompts run (IDE, CI, API) and who has access.
Review gates — You determine which outputs require human review before adoption.

What You Do Not Control

Model behavior — LLMs are non-deterministic. The same prompt and input can produce different outputs across runs. Prompts influence but do not guarantee model behavior.
Model updates — When the underlying model is updated by its provider, prompt effectiveness may change without warning.
User input — In interactive deployments, user queries may attempt prompt injection, context manipulation, or social engineering.

Security Invariants

These properties hold across all Manicode prompt categories:

Prompts are inert — No prompt contains executable code. They are plain markdown text.
Prompts are additive — They add security constraints to model behavior. They do not modify or weaken the model's built-in safety features.
Prompts are reviewable — Every prompt is a human-readable text file. There are no obfuscated instructions or hidden behavior.
Prompts are versioned — Changes to prompts are tracked through Git, providing a full audit trail.
Outputs require verification — No Manicode prompt guarantees correct output. All LLM-generated content should be reviewed before use in production systems.

Deployment Architectures

Direct System Prompt

The simplest deployment. The prompt file content is passed directly as the system prompt.

┌─────────────────────────┐
│   IDE / Chat / API      │
│                         │
│  System: [prompt.md]    │
│  User:   [developer]    │
│  Output: [code]         │
└─────────────────────────┘

Use cases: IDE integrations, web chat, API calls, coding agents. See IDE Integrations, Web Chat Interfaces, and API Usage for implementation details.

Prompt + Validation Pipeline

A two-model architecture where one LLM generates and another validates.

┌──────────────┐     ┌──────────────┐
│  Generator   │     │  Validator   │
│              │     │              │
│  System:     │     │  System:     │
│  [security   │────▶│  [validation │
│   prompt]    │     │   prompt]    │
│              │     │              │
│  Output:     │     │  Output:     │
│  [code]      │     │  [pass/fail] │
└──────────────┘     └──────────────┘

Use cases: CI/CD pipelines, automated code review, high-assurance environments. See GitHub Actions for a CI/CD implementation example.

Multi-Stage Pipeline

Used by the AI Coding Requirements pipeline, where each stage's output feeds the next.

Stage 01 ──▶ Stage 02 ──▶ ... ──▶ Stage 10
Context      Scope         ...     Final
Curator      Cutter        ...     Gate

Use cases: Requirements engineering, specification development.

What Manicode Prompts Are​

Prompt Lifecycle​

Stages​

Prompt Categories and Their Relationships​

Trust Boundaries​

What You Control​

What You Do Not Control​

Security Invariants​

Deployment Architectures​

Direct System Prompt​

Prompt + Validation Pipeline​

Multi-Stage Pipeline​