We have hosted the application claude code security review in order to run this application in our online workstations with Wine or directly.
Quick description about claude code security review:
The claude-code-security-review repository implements a GitHub Action that uses Claude (via the Anthropic API) to perform semantic security audits of code changes in pull requests. Rather than relying purely on pattern matching or static analysis, this action feeds diffs and surrounding context to Claude to reason about potential vulnerabilities (e.g. injection, misconfigurations, secrets exposure, etc). When a PR is opened, the action analyzes only the changed files (diff-aware scanning), generates findings (with explanations, severity, and remediation suggestions), filters false positives using custom prompt logic, and posts comments directly on the PR. It supports configuration inputs (which files/directories to skip, model timeout, whether to comment on the PR, etc). The tool is language-agnostic (it doesn't need language-specific parsers), uses contextual understanding rather than simplistic rules, and aims to reduce noise with smarter filtering.
Features:
- GitHub Action for semantic security review using Claude Code
- Diff-aware scanning: only inspects changed files in pull requests
- Security findings with explanations, severity ratings, and remediation suggestions
- False positive filtering logic to reduce noise
- Configurable inputs (e.g. exclude directories, timeout, model name)
- Optional slash command /security-review integration for interactive audits
Programming Language: Python.
©2024. Winfy. All Rights Reserved.
By OD Group OU – Registry code: 1609791 - VAT number: EE102345621.