What Claude’s Security Guidance Plugin Does
Claude’s Security Guidance Plugin is a vulnerability detection AI system built into Claude Code that analyzes in-progress code, flags common security flaws, and suggests fixes during the same development session so developers can produce secure code generation without waiting for later reviews or scans. Instead of treating security as a separate phase, the plugin reviews AI-generated and manually written code in real time, helping teams catch issues before they reach pull requests or deployment. It focuses on Claude code security by scanning for injection flaws, unsafe deserialization, insecure DOM APIs, and other risky constructs as developers work. Once installed, it runs automatically in the background, so there is no need to open another tool or remember extra commands. By pulling AI code review into the editor, Anthropic is pushing security further left into everyday development workflows.
Three-Stage Review That Shifts Security Left
The plugin’s design centers on a three-stage review pipeline that progressively deepens its analysis as code moves toward a commit. The first layer runs on file edits, using lightweight pattern checks to spot dangerous functions such as eval(), new Function(), os.system(), and child_process.exec(), as well as unsafe deserialization and patterns involving dangerouslySetInnerHTML or direct innerHTML assignment. The second stage triggers after each model turn, when Claude reviews the full git diff to find issues that pattern matching might miss, including authorization bypass, insecure direct object references, injection flaws, server-side request forgery, and weak cryptography. The deepest review runs when Claude performs commits or pushes through its Bash tool, examining surrounding files, sanitizers, and code paths to validate findings and reduce false positives. This layered approach means vulnerability detection AI runs continuously, not only at the end of the pipeline.
Immediate Fixes Inside the Claude Code Session
By tightening the loop between detection and fix, the plugin changes how developers address security defects. Because reviews occur as developers type and interact with Claude, security flaws can be discussed and corrected inside the same Claude Code session instead of being discovered later by static scanners or during pull request review. The real-time AI code review acts as a lightweight first pass, clearing away common mistakes before human reviewers focus on design and complex logic. Anthropic reports that “across our internal rollout and benchmarks, we’ve seen a 30–40% decrease in security-related comments on PRs opened using the plugin,” indicating less back-and-forth during review. Instant checks also do not consume additional model quota, so teams gain continuous feedback without extra usage cost, while deeper reviews draw from the existing Claude budget.
Custom Rules and Enterprise-Grade Claude Code Security
For organizations with specific risk profiles, the plugin supports custom security policies alongside its built-in rules. Teams can define organization-specific checks in a claude-security-guidance.md file placed in repositories or distributed centrally via MDM, and the plugin will enforce these rules at all three review stages. Within git repositories, deeper scans correlate findings across related files and sanitization logic to keep false positives lower, while lightweight pattern checks still function in any directory. The plugin is free for all Claude Code users, requires Claude Code version 2.1.144 or later and Python 3.8 or newer, and can be installed from the plugin marketplace. By embedding configurable secure code generation and review into the core product, Anthropic is extending its broader strategy of baking security and compliance into Claude tools rather than treating them as separate add-ons or optional steps.