Update app.py

app.py

@@ -84,23 +84,19 @@ def generate(
         outputs.append(text)
         yield "".join(outputs)
 
-example1='''You are a senior software engineer who is best in the world at fixing vulnerabilities.
-Users will give you vulnerable code and you will generate a fix based on the provided INSTRUCTION. 
-INSTRUCTION:
-Detected MD5 hash algorithm which is considered insecure. MD5 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead.
-Fix vulnerability CWE-327: Use of a Broken or Risky Cryptographic Algorithm at
-return hashlib.md5(content).hexdigest()
-
+example1='''Fix vulnerability CWE-327: Use of a Broken or Risky Cryptographic Algorithm in the following code snippet.
+```
 def md5_hash(path):
      with open(path, "rb") as f:
          content = f.read()
      return hashlib.md5(content).hexdigest()
+```
 '''
 
-example2='''You are a software engineer who is best in the world at summarizing code changes.
-Carefullly analyze the given old code and new code and generate a summary of the changes.
+example2='''Carefullly analyze the given old code and new code and generate a summary of the changes.
 
 Old Code:
+```
 #include <stdio.h>
 #include <stdlib.h>
 
@@ -122,8 +118,10 @@ void processList() {
 
     printf("Accessing freed list: %d\n", head->next->data);
 }
+```
 
 New Code:
+```
 #include <stdio.h>
 #include <stdlib.h>
 
@@ -159,17 +157,11 @@ void processList() {
         printf("Accessing freed list: %d\n", head->next->data);
     }
 }
+```
 '''
 
-example3='''You are a senior security researcher who is best in the world at detecting vulnerabilities.
-Carefully analyze the given code snippet and track the data flows from various sources to sinks.
-Assume that any call to an unknown external API is not sanitized.
-Respond only with either "YES" or "NO".
-Is the following code prone to CWE-117: Improper Output Neutralization for Logs 
-at logger.info("Received request with API Key: %s", api_key)
-with source logging.getLogger(__name__)
-and sink logger.info("Received request with API Key: %s", api_key)
-
+example3='''Is the following code prone to CWE-117: Improper Output Neutralization for Logs
+```
 from flask import Flask, request, jsonify
 import logging
 
@@ -183,15 +175,11 @@ def get_data():
     logger.info("Received request with API Key: %s", api_key)  
     data = {"message": "Data processed"}
     return jsonify(data)
+```
 '''
 
-example4='''You are a senior software engineer who is best in the world at fixing vulnerabilities.
-Users will give you vulnerable code and you will generate a fix based on the provided INSTRUCTION. 
-INSTRUCTION:
-Detected subprocess function 'run' with user controlled data. A malicious actor could leverage this to perform command injection. You may consider using 'shlex.escape()'.
-Fix vulnerability CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') at
-result = subprocess.run(**run_kwargs)
-
+example4='''Fix vulnerability CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the following code snippet.
+```
 def run(command, desc=None, errdesc=None, custom_env=None, live: bool = default_command_live) -> str:
     if desc is not None:
         print(desc)
@@ -217,6 +205,7 @@ def run(command, desc=None, errdesc=None, custom_env=None, live: bool = default_
             error_bits.append(f"stderr: {{result.stderr}}")
         raise RuntimeError("\n".join(error_bits))
     return (result.stdout or "")
+```
 '''
 
 chat_interface = gr.ChatInterface(