We’ve shipped a security-guidance plugin for Claude Code that helps identify and fix vulnerabilities as you’re writing code. Available for all Claude Code users. Install from the plugin marketplace (/plugins). https://t.co/LprgC4m6Kf
Anthropic Launches Security Guidance Plugin to Fix Vulnerabilities in Claude Code
Anthropic· Updated
Anthropic released an official security-guidance plugin for the Claude Code CLI that automatically detects and remediates vulnerabilities during active coding sessions. By shifting security reviews into the agent loop, the tool reduces downstream friction and has already cut security-related pull request comments by up to 40% in internal testing.
- Review model
- Claude Opus 4.7
- Internal PR impact
- 30-40% fewer security comments
- Detection layers
- Pattern match, turn diff, agentic commit review
- Customization
- Markdown and YAML rule files
- Availability
- All Claude Code users
It extends the Claude Code Security scanner by moving protection directly into the Claude Code Auto Mode workflow. By catching flaws before they reach a pull request, teams can maintain development velocity without compromising on safety standards.
You can install the plugin via the marketplace and customize it with a claude-security-guidance.md file for organization-specific policies. The tool is available to all users and uses Claude Opus 4.7 for background reviews. While pattern matching is free, model-backed reviews count toward standard usage limits.
Still wondering? A few quick answers below.
Every HeadsUpAI update is written based on its original source and reviewed before it's published. Read our editorial standards →