.png?2.1.1 "Vokash")
.png "Trending")
18 hours ago
ZDNET's cardinal takeaways
- Automated information reviews successful Claude Code thief guarantee codification safety.
- Spot and hole vulnerabilities earlier your codification reaches production.
- Run nan /security-review bid successful nan terminal aliases via GitHub Action.
Claude Code became mostly disposable successful May, and since then, it has go celebrated among developers for its coding assistance, disposable correct successful nan terminal aliases integrated improvement environments (IDEs). Now, caller features are coming to Claude that make it easier to build safely, too.
On Wednesday, Anthropic introduced automated information reviews successful Claude Code. They let developers to more easy place and hole information concerns, and tin beryllium invoked either manually utilizing nan caller "/security-review" bid aliases automatically via nan caller GitHub Action for Claude Code.
Also: Claude Code's caller instrumentality is each astir maximizing ROI successful your statement - really to effort it
"On request aliases automatically, Claude will reappraisal nan codification that you're moving on, nan codification that you're pushing, aliases your full repository, and practically place vulnerabilities and propose ways to hole them," said Logan Graham, nan technologist down nan caller features connected nan Frontier Red Team astatine Anthropic, to ZDNET.
Command successful Claude Code
All developers person to do is invoke nan /security-review bid successful Claude Code, which will trigger nan information study successful nan terminal. Anthropic said Claude will past hunt nan codebase, place communal vulnerabilities specified arsenic SQL injection risks, insecure information handling, and authentication flaws, and explicate nan issues found.
"We want it to be, and I deliberation we tin get location soon if it's not location already, benignant of for illustration having nan champion information technologist aliases champion elder package engineer, complete shoulder, helping you do your work, amended and securely," added Graham.
Also: The champion AI for coding successful 2025 (including a caller victor - and what not to use)
After identifying nan issues, nan personification tin besides inquire Claude Code to instrumentality nan fixes for each one. This allows developers to drawback issues easy by integrating nan information reviews earlier committing nan codification aliases earlier it reaches production. ZDNET's ain David Gewirtz, a machine subject professor turned AI innovator, recovered nan update helpful, saying, "Adding nan information reappraisal arsenic a bid is good. Otherwise, you'd person to embed it successful each query aliases adhd it to their strategy instructions."
GitHub Action
Pull requests are an basal portion of nan collaborative improvement process, but they require extended manual reappraisal earlier being merged into nan main codebase. Now, pinch nan caller GitHub Action for Claude Code, developers tin person Claude automatically analyse each propulsion petition erstwhile it's opened, a measurement that tin different beryllium forgotten aliases overlooked.
Also: Anthropic's free Claude 4 Sonnet aced my coding tests - but its paid Opus exemplary someway didn't
Anthropic said Claude tin reappraisal codification changes for information vulnerabilities, use customizable rules, and station inline comments pinch concerns and recommendations for fixes. Anthropic has utilized GitHub Actions to drawback vulnerabilities successful its ain codification earlier shipping to users, according to nan release. Just past week, GitHub Actions identified a distant codification execution vulnerability, which was fixed earlier nan propulsion petition was merged.
How to entree
To entree nan /security-review command, update Claude Code to nan latest type and tally it successful your task directory. Anthropic posted archiving for installing and configuring nan GitHub Action.
Want much stories astir AI? Check retired AI Leaderboard, our play newsletter.
English (US) · 
Indonesian (ID) ·