Anthropic released two new security features for Claude Code: a terminal command that audits your codebase on demand and a GitHub Action that scans every pull request automatically. Both use Claude's reasoning capabilities to find vulnerabilities that traditional static analysis tools often miss.

The /security-review Command

The first tool is a slash command built into Claude Code. Running /security-review from the terminal triggers a full security scan of all pending changes in the working directory. Claude examines the code, identifies potential vulnerabilities, and returns detailed explanations of each issue along with remediation guidance.

The command is designed to run before committing code. It acts as a last line of defense, catching issues that might slip past linting and unit tests. The scan covers injection attacks, authentication flaws, data exposure, cryptographic weaknesses, and business logic issues like race conditions.

GitHub Action for Pull Requests

The second component is an open-source GitHub Action (anthropics/claude-code-security-review) that integrates into CI/CD pipelines. When a developer opens a pull request, the action automatically analyzes the changed files and posts inline comments on specific lines where it finds security concerns.

The action is diff-aware, meaning it only scans files that changed in the PR rather than the entire codebase. This keeps analysis focused and fast. Configuration options include directory exclusions, custom security scan instructions, and adjustable timeouts for larger codebases.

What It Catches

The vulnerability coverage is broad. The scanner detects SQL injection, command injection, XSS (reflected, stored, and DOM-based), broken authentication, privilege escalation, hardcoded secrets, weak cryptographic algorithms, insecure deserialization, TOCTOU race conditions, and supply chain risks like typosquatting in dependencies.

Equally important is what it filters out. The system automatically deprioritizes low-impact findings like generic denial-of-service concerns, rate limiting suggestions, and open redirect vulnerabilities. This false positive filtering reduces noise so developers focus on findings that actually matter.

How It Differs From Traditional SAST

Traditional static application security testing (SAST) tools rely on pattern matching. They look for known vulnerability signatures in code syntax. This works for common patterns but produces high false positive rates and misses context-dependent issues.

Claude Code's approach is semantic. It reads the code the way a security engineer would, understanding intent, data flow, and the relationship between components. A SAST tool might flag every SQL string concatenation. Claude can distinguish between a parameterized query that happens to use string formatting and an actual injection vulnerability.

Customization

Both tools are customizable. The /security-review command can be tailored by copying its prompt file into a project's .claude/commands/ directory and editing it with organization-specific security policies. The GitHub Action accepts a custom instructions file for the same purpose.

This means teams can encode their own security standards, flag specific patterns relevant to their stack, or adjust severity thresholds to match internal risk tolerance.

Limitations

Anthropic explicitly notes that the GitHub Action is not hardened against prompt injection and should only be used on trusted pull requests. Repositories using it should enable the "Require approval for all external contributors" setting so workflows only run after a maintainer reviews the PR.

This is a practical constraint. Since the tool reads code and reasons about it, adversarial code designed to manipulate the analysis could theoretically produce misleading results. For internal teams and trusted contributors, this is unlikely to be an issue. For public open-source repositories, the approval gate is essential.

Why This Matters

As AI-generated code becomes more common in production codebases, the volume of code that needs security review is increasing faster than the supply of security engineers. Automated tools that understand code semantics, rather than just matching patterns, fill a critical gap.

The fact that this ships as both a local CLI tool and a CI/CD integration means it fits into existing workflows without requiring developers to change how they work. Security analysis happens where the code is written and where it is reviewed, catching issues at the two points where they are cheapest to fix.