We just shipped automated security reviews in Claude Code. Catch vulnerabilities before they ship with two new features:
- /security-review slash command for ad-hoc security reviews
- GitHub Actions integration for automatic reviews on every PR
The /security-review command runs security analysis directly from your terminal.
Claude checks for vulnerabilities like:
- SQL injection risks
- XSS vulnerabilities
- Insecure data handling
Found a vulnerability? Simply ask Claude to fix it.
Our new GitHub action is a friendly security reviewer for all your PRs.
When configured, the integration checks every new PR for vulnerabilities, posting inline comments with explanations and recommended fixes.

We’re using this ourselves at @AnthropicAI. It's already caught real vulnerabilities, including a potential remote code execution vulnerability in an internal tool.
With the GitHub action, we were able to fix it before it made it to production.

Getting started:
For the /security-review command, simply update Claude Code and run the command.
For the GitHub action, view our docs to get started: github.com/anthropics/cla…
