Anthropic has launched automated security reviews for Claude Code, its AI coding assistant, to address security concerns stemming from rapid AI-driven software development. The new features include a '/security-review' command that developers can use directly from their terminal to scan for vulnerabilities before committing code. Claude Code will search the codebase, identify common vulnerabilities such as SQL injection risks and authentication flaws, and explain the issues found.
After identifying issues, developers can ask Claude Code to automatically implement fixes. A new GitHub Action automatically reviews every pull request for security vulnerabilities. Once configured, the system automatically triggers on new pull requests, reviews code changes for security vulnerabilities, applies customisable rules to filter false positives, and posts comments inline on the pull requests with specific concerns and recommended fixes. This creates a consistent security review process across teams, ensuring no code reaches production without a baseline security review.
These features integrate security reviews into existing workflows, helping to catch vulnerabilities before they reach production. Both the '/security-review' command and the GitHub action are available to all Claude Code users.
Subscribe for Weekly Updates
Stay ahead with our weekly AI and tech briefings, delivered every Tuesday.
