The only prompt engineering studio built for non-English enterprise teams
Built for Bharat. Works everywhere.
Build world-class prompts for any AI · in any language · by anyone on Earth
Every other prompt engineering tool was built for English speakers. PromptCraft Pro was built for everyone else, with a full UI in हिन्दी and தமிழ், 16 input languages, 12 industry domains, and a DAST-gated enterprise pipeline that no comparable tool has.
🌐 Web App · 📥 Download Desktop · 📖 Docs · 🚀 Push Guide · 🐛 Issues
Web app (no install): promptcraft-bharat.vercel.app
Desktop: Download latest release — Windows .exe, Linux .AppImage, macOS .dmg
No account required. No data sent to us. Bring your own API key.
- What is PromptCraft Pro?
- Key Features
- What's New in v3.4
- What's New in v3.3
- Quick Start — Web (Local)
- Desktop App — Windows
- Desktop App — Linux
- Desktop App — macOS
- Global Deployment
- Project Structure
- Environment Variables
- Microphone & Voice Setup
- Developer Mode (DEV Bypass)
- Prompt Frameworks
- Quality Benchmark
- UI Localization
- Contributing
- Roadmap
- License
PromptCraft Pro is a free, open-source prompt engineering studio — the first one built specifically for non-English enterprise teams. Every label, button, error message, and placeholder is available in English, हिन्दी, and தமிழ், with native Devanagari and Tamil script fonts. It runs on Windows, Linux, macOS, and the web, with a DAST-gated CI/CD pipeline that no comparable open-source tool has.
| Pain Point | Who it affects | Solution |
|---|---|---|
| Prompt tools assume English fluency | 5B+ non-English speakers | Full UI in हिन्दी and தமிழ் · 16 input languages |
| Non-technical users can't write effective prompts | Domain teams in any sector | Guided builder with 8 frameworks + 12 domains |
| Inconsistent quality across team members | Enterprise teams | CO-STAR, CRISPE, RTF, BROKE, RISEN + quality score |
| Manual copy-paste between 5 AI tools | Everyone | Run Claude, GPT, Gemini, Mistral, LLaMA from one screen |
| No security standard for AI prompt tooling | Enterprise / regulated sectors | 159-check DAST gate · T-01–T-15 threat model |
| Prompts disappear when you close the tab | All web app users | Prompt history (localStorage, 20 entries) · shareable links |
- 16 input languages — English, Hindi, Bengali, Tamil, Telugu, Marathi, Gujarati, Kannada, Spanish, French, German, Chinese, Arabic, Portuguese, Japanese, Russian
- 8 prompt frameworks — CO-STAR, CRISPE, RTF, BROKE, RISEN, Chain-of-Thought, Few-Shot, Tree-of-Thought
- 12 industry domains — Healthcare, Legal, Finance, Education, Engineering, Creative, Manufacturing, Retail, Agriculture, Government, Pharma, Telecom
- 10 tones and 10 audience types
- Real-time safety validation — 6 pre-generation checks (PII, injection, harmful intent, clarity, CAPS, length)
- Quality benchmark — 10-dimension score (0–100) with inline progress bar
- 5 AI providers, 38 models — Claude (6 models), GPT-4o (9 models), Gemini (6 models), Mistral (7 models), LLaMA via Groq (10 models)
- Parallel execution — run all selected models simultaneously, compare results side by side
- Language quality badges — amber
⚠️ Translated badge when a model has partial language support; green ✓ Native when fully supported - Inline Quick Launch — send your prompt to any model directly from the Build output, no tab switching
- Selected model name visible on each provider card — no hunting through dropdowns
- Per-model version selector, response time display, per-model re-run and copy
- Works on all app flavours: Chrome/Edge web, Windows .exe, Linux AppImage, macOS .app
- Continuous mode (
continuous: true) — never cuts off mid-sentence - Auto-restart on
no-speechtimeout — stays alive indefinitely; 120ms gap between sessions - Permission pre-flight:
getUserMediaon web (browser prompt), Electron IPCrequestMicPermissionon desktop - Language-aware BCP-47 locale — automatically matches selected input language
- Localised error messages with platform-specific remediation steps
- SVG mic icon + pulse dot animation while active
- 3 UI languages: English · हिन्दी · தமிழ்
- Every label, button, placeholder, error message, and tab name translates instantly
- Per-language typography: Noto Sans Devanagari (Hindi), Noto Sans Tamil (Tamil)
- Language selector shows native script labels in correct fonts — not "HI" or "TA"
- 30 s request timeout —
pcpFetch()wraps every API call; never hangs indefinitely - Auto-retry with backoff — 429 / 5xx errors retried up to 2× with 1 s and 2 s delays
- Offline detection — network banner shown in Build tab when connection is lost
- In-memory event log —
window.__PCP_EVENTSin DevTools for debugging (never logs prompt content)
- Prompt history — last 20 prompts auto-saved to
localStorage, collapsible panel below output - Load any past prompt — goal, framework, tone, audience, constraints all restored in one click
- Shareable links — ↗ Share button encodes full config as a URL, anyone with the link loads it
- Output language selector — choose the prompt output language independently of input language
- No API key required — triple-click the version badge in the footer to toggle DEV mode
- Instant mock prompt generation (800ms simulated delay, realistic multi-section output)
- Mock Run on AI for Claude inside DEV mode
- All quality scoring, copy, validate, and inline Run on AI flows work fully
- Prominent DEV banner with one-click exit
| Area | Change |
|---|---|
| Prompt history | Last 20 prompts saved locally — load any in one click |
| Shareable links | ↗ Share button encodes full prompt config as a URL |
| Output language | Choose prompt output language independently of input |
| Language quality badges | |
| Request timeout | 30 s timeout on every API call — no more infinite spinners |
| Auto-retry | Exponential backoff on 429 / 5xx errors (up to 2 retries) |
| Offline banner | Network status detected — amber banner when offline |
| Gemini error handling | Specific messages for safety blocks, quota, empty candidates |
| Model name on card | Selected model version shown directly on the provider card |
| Area | Change |
|---|---|
| Prompt output language | Choose the language of the generated prompt independently of input language |
| Prompt history | Last 20 prompts saved locally — load any in one click, persists across sessions |
| Shareable links | ↗ Share button encodes full prompt config as a URL — anyone with the link can load it |
| Language capability matrix | Amber |
| Request timeout | 30-second AbortController timeout on every AI call — no more infinite spinners |
| Retry with backoff | Automatic 1 s / 2 s retry on rate-limit and server errors |
| Offline detection | Banner warns you before you click Build if your network is down |
| Gemini error handling | Specific messages for safety blocks, empty candidates, RESOURCE_EXHAUSTED |
| Model name on card | Selected model version (e.g. Claude Haiku 4.5) shown directly on the provider card |
v3.3 changes (localization, voice, DEV mode, inline Run on AI) are in CHANGELOG.md.
git clone https://github.com/AdBoh/promptcraft-pro.git
cd promptcraft-pro
npm install
npm run dev
# Open http://localhost:5173Add your Anthropic API key in the Settings panel. Other model keys are optional.
No API key for testing? Triple-click the version badge text at the bottom of the page (
PromptCraft Pro · v3.4 · MIT License) — DEV mode activates instantly. All features work with mock responses.
npm run electron:win
# Output: release/<version>/PromptCraft Pro Setup <version>.exe
# release/<version>/PromptCraft Pro <version>.exe (portable)Enable microphone: Settings → Privacy & Security → Microphone → "Let desktop apps access your microphone" → ON → restart app.
npm run electron:linux
# Output: release/<version>/PromptCraft Pro-<version>.AppImage
# release/<version>/PromptCraft Pro_<version>_amd64.debDebug voice on Linux:
chmod +x "PromptCraft Pro-*.AppImage"
./"PromptCraft Pro-*.AppImage" --no-sandbox # shows Chromium speech errors
pactl list sources short # check mic sourcesnpm run electron:mac
# Output: release/<version>/PromptCraft Pro-<version>.dmg (universal: x64 + arm64)Enable microphone: System Settings → Privacy & Security → Microphone → enable for PromptCraft Pro → restart app.
The app uses entitlements.mac.inherit.plist which grants com.apple.security.device.audio-input.
npm run build && vercel --prodnpm run build
# Upload dist/ folder — set publish directory to distFROM node:20-alpine AS build
WORKDIR /app
COPY . .
RUN npm ci && npm run build
FROM nginx:alpine
COPY --from=build /app/dist /usr/share/nginx/htmlpromptcraft-pro/
│
├── .github/
│ └── workflows/
│ └── release.yml # CI/CD: security → qa → build → release
│
├── src/
│ ├── main.jsx # React entry point
│ └── App.jsx # Entire app — components, state, API (~3,500 lines)
│
├── electron/
│ ├── main.js # Electron main process + IPC handlers
│ ├── preload.js # Secure contextBridge IPC surface
│ └── entitlements.mac.inherit.plist # macOS microphone entitlement
│
├── security/ # ★ All security tooling
│ ├── dast-harness.js # Live DAST engine (dev/test only, never production)
│ └── dast_runner.py # CI/CD DAST gate — 159 checks, blocks on Critical/High
│
├── tests/
│ ├── test_promptcraft.py # Full QA suite — 264 tests, P0–P3 severity
│ └── manual/ # Manual test runner — 76 cases, 131 auto-checks
│
├── docs/
│ ├── SECURITY.md # Security architecture + vulnerability disclosure
│ ├── CONTRIBUTING.md # Development workflow + iterative guide
│ ├── CHANGELOG.md # Version history
│ ├── VALIDATION-FRAMEWORK.md # 10-section test plan
│ └── ROADMAP-BACKLOG.md # Architecture backlog (observability, reliability, scalability)
│
├── public/
│ ├── icon.ico # Windows icon (7 sizes: 16–256px)
│ ├── icon.png # App icon 512×512
│ └── tray-icon.png # System tray 32×32
│
├── scripts/
│ └── generate-icons.js # Icon generation utility
│
├── index.html # HTML entry point + Content Security Policy
├── vite.config.js # Build config + DAST auto-inject Vite plugin
├── package.json # npm scripts + electron-builder config
├── .env.example # Environment variable template
├── .gitignore
└── README.md
python3 tests/test_promptcraft.py # auto-finds src/App.jsx
python3 tests/test_promptcraft.py src/App.jsx # explicit pathTests cover 16 areas across 264 test cases: frameworks, models, voice, i18n, settings, build pipeline, validation, run-on-AI, DEV mode, and enterprise security (ESEC). All are P0–P3 severity-tagged.
# Static analysis (fast — same as CI)
python3 security/dast_runner.py
# CI mode — exits 1 if Critical or High findings present
python3 security/dast_runner.py --ci
# Live attack suite (requires dev server)
npm run dev
# then in browser DevTools console:
window.__DAST.runAll()
window.__DAST.printReport()The DAST harness fires 60+ real attack payloads (XSS, prompt injection, unicode attacks, overflow, control chars, JSON injection) into the running app and monitors DOM mutations, fetch() calls, sessionStorage, and unhandled errors in real time.
Every push to main and every PR runs:
security-gate (DAST runner)
↓ passes
qa-gate (264 tests)
↓ passes
web-deploy + build-windows + build-linux + build-macos
↓ all pass (tags only)
publish-release
Any Critical or High DAST finding, or any failing test, blocks the entire pipeline.
See docs/CONTRIBUTING.md for the full iterative development workflow.
cp .env.example .env| Variable | Description | Required |
|---|---|---|
VITE_APP_VERSION |
Override app version badge | No |
API keys are entered by users in the app Settings panel. They are stored in browser sessionStorage only and sent directly to each AI provider — never to any other server.
| Platform | Engine | Permission Flow |
|---|---|---|
| Chrome / Edge (web) | webkitSpeechRecognition |
getUserMedia({audio:true}) browser prompt |
| Electron — Windows | Chromium SR | IPC requestMicPermission → Windows Privacy Settings |
| Electron — Windows (Azure VDI) | Chromium SR | See troubleshooting below |
| Electron — Linux | enable-speech-dispatcher |
System mic permissions |
| Electron — macOS | systemPreferences.askForMediaAccess |
macOS Privacy → Microphone |
| Error shown | Cause | Fix |
|---|---|---|
| "Voice network error — speech.googleapis.com may be blocked" | Corporate firewall/VPN blocks speech.googleapis.com:443 |
Ask IT to allowlist speech.googleapis.com:443 outbound TCP |
| "Speech service unavailable in this Electron build" | Electron lacks a baked-in Google Speech API key | Use the web app in Chrome/Edge instead, or host behind a corporate proxy that allows Google APIs |
| "Voice not supported — use Chrome or Edge" | Browser does not implement Web Speech API | Switch to Chrome or Edge |
| "Allow microphone access in Settings" | OS mic permission not granted | Windows: Settings → Privacy → Microphone → enable for this app |
Azure VDI users: Chromium's Web Speech API sends audio over the network to
speech.googleapis.com. Even with microphone access granted at the OS level, voice will fail if the VDI network blocks outbound connections to Google. The web app running in Chrome on the same VDI will have the same limitation unless the firewall allowlists the endpoint.
Voice engine behaviour:
continuous: truekeeps the mic open — no 60-second cutoff- Auto-restarts on
no-speech(120ms gap) — transcript accumulates across restarts - Interim results displayed as
[… text …]in real time - Final results appended cleanly to the goal textarea
- All error messages are translated into the active UI language
For rapid development and testing without API keys:
| Action | Result |
|---|---|
| Triple-click footer version badge | Toggle DEV mode on/off |
| Click "Exit DEV" in the banner | Turn off DEV mode |
What works in DEV mode:
- ✅ Prompt generation — 800ms mock, realistic multi-section output
- ✅ Quality scoring, inline benchmark, full validation report
- ✅ Copy prompt to clipboard
- ✅ Inline Quick Launch (Run on AI for Claude)
- ✅ All UI localization (EN / हिन्दी / தமிழ்)
⚠️ Other AI models (GPT-4o, Gemini, etc.) still require real keys
| Framework | Best For |
|---|---|
| CO-STAR | Enterprise governance, structured deliverables (Singapore GovTech standard) |
| CRISPE | Expert-level deep context tasks |
| RTF | Fast lean tasks — Role, Task, Format only |
| BROKE | OKR-style goal-driven work with measurable outcomes |
| RISEN | Step-sequenced procedures and workflows |
| Chain-of-Thought | Complex reasoning (+40% accuracy on hard problems) |
| Few-Shot | Example-driven tasks, classification, transformation |
| Tree-of-Thought | Multi-branch exploration of open-ended hard problems |
| Dimension | Weight |
|---|---|
| Clarity | 12% |
| Specificity | 12% |
| Role Definition | 10% |
| Output Format | 10% |
| Context | 10% |
| Constraints | 10% |
| Framework Fit | 12% |
| Audience Fit | 8% |
| Safety | 8% |
| Portability | 8% |
80–100 Excellent · 60–79 Good · < 60 Fair
| Selector | Language | Script | Font |
|---|---|---|---|
| English | English | Latin | Nunito |
| हिन्दी | Hindi | Devanagari | Noto Sans Devanagari |
| தமிழ் | Tamil | Tamil | Noto Sans Tamil |
To add a new UI language: add an entry to UI_LANGS and a translation block to STRINGS in src/App.jsx. Pass the strings prop to RunOnAI and InlineRunPanel.
We welcome contributions — especially from Indian developers, multilingual AI practitioners, and enterprise security engineers.
- Fork → feature branch →
git commit -m "feat: ..."→ PR againstmain - Run the gates locally before submitting:
python3 security/dast_runner.py --ci # must be 159/159 PASS python3 tests/test_promptcraft.py src/App.jsx # must be 264/264 PASS
- Keep all JSX Babel-safe: no
?., no??, no.finally(), no flag emoji surrogate pairs - See docs/CONTRIBUTING.md for the full workflow, Python 3.11 rules, and how to add test cases
Highest-impact contributions right now (see Roadmap above):
- Community prompt gallery (publish and fork templates)
- Bengali / Telugu / Arabic UI translations
- Prompt diff / A-B comparison across models
- Prompt history — local save/load via
localStorage(no backend required) ✅ v3.4 - Shareable prompt links — one-click URL encoding of your prompt config ✅ v3.4
- Community prompt gallery — publish and fork community templates
- Bengali, Telugu, Arabic, Spanish, French UI translations
- Team workspace with shared prompt library
- Prompt diff / A-B comparison across models
- Whisper-based offline voice (Electron)
- Export to PDF / Notion / Confluence
- Mobile app (React Native)
Want to contribute? The H1 items above are the highest-impact features. See docs/CONTRIBUTING.md to get started.
MIT License — see LICENSE for details.
PromptCraft Pro · v3.4 · MIT License · Built for non-English enterprise teams