Claude Code Security Review
Description
An AI-powered security review GitHub Action using Claude to analyze code changes for security vulnerabilities. This action provides intelligent, context-aware security analysis for pull requests using Anthropic's Claude Code tool for deep semantic security analysis. See our blog post [here](https://
Installation
claude install-skill https://github.com/anthropics/claude-code-security-review README
Claude Code Security Reviewer
An AI-powered security review GitHub Action using Claude to analyze code changes for security vulnerabilities. This action provides intelligent, context-aware security analysis for pull requests using Anthropic's Claude Code tool for deep semantic security analysis. See our blog post [here](https://www.anthropic.com/news/automate-security-reviews-with-claude-code) for more details.
Features
- undefined
Quick Start
Add this to your repository's `.github/workflows/security.yml`:
name: Security Review
permissions:
pull-requests: write # Needed for leaving PR comments
contents: read
on:
pull_request:
jobs:
security:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.sha || github.sha }}
fetch-depth: 2
- uses: anthropics/claude-code-security-review@main
with:
comment-pr: true
claude-api-key: ${{ secrets.CLAUDE_API_KEY }}Security Considerations
...
Related Skills
Defense in Depth
Implement multi-layered testing and security best practices.
SecLists Official Repository
[OWASP Testing Guide](https://owasp.org/www-project-web-security-testing-guide/)
Threat Hunting with Sigma Rules
Use Sigma detection rules to hunt for threats and analyze security events
Composio Okta
Manage Okta identity and access
Composio Auth0
Manage Auth0 tenants and applications
Composio Hashicorp Vault
Manage HashiCorp Vault secrets