promptgarten ๐ŸŒฑ
๐ŸŒ ES

Command reference ยท Claude Code

/security-review

Analyzes pending changes on the current branch for security vulnerabilities.

Analyzes pending changes on the current branch for security vulnerabilities. Checks the git diff for risks like injection, auth issues, and data leaks.

โœ… WHEN TO USE IT?

Before merging an auth/secrets feature

Before merging a branch that adds a new API endpoint handling user input, run /security-review to check the diff for injection and auth issues.

After adding payment/sensitive feature code

After payment logic or secret handling has been added to the current branch, run /security-review specifically before opening the PR.

โ›” WHEN NOT TO?

General code quality without a security focus

Per the docs, /security-review specifically checks for security risks like injection, auth issues, and data leaks โ€” not general cleanup.

Better: Use /simplify or /code-review for general quality/bugs.

SOURCES