Command reference ยท Claude Code
/security-review
Analyzes pending changes on the current branch for security vulnerabilities.
Analyzes pending changes on the current branch for security vulnerabilities. Checks the git diff for risks like injection, auth issues, and data leaks.
โ WHEN TO USE IT?
Before merging an auth/secrets feature
Before merging a branch that adds a new API endpoint handling user input, run /security-review to check the diff for injection and auth issues.
After adding payment/sensitive feature code
After payment logic or secret handling has been added to the current branch, run /security-review specifically before opening the PR.
โ WHEN NOT TO?
General code quality without a security focus
Per the docs, /security-review specifically checks for security risks like injection, auth issues, and data leaks โ not general cleanup.
Better: Use /simplify or /code-review for general quality/bugs.
SOURCES
- Claude Code Doku (offiziell) โ code.claude.com