Update the security review command to identify Dependency Issues

Hi Team,

The [announcement blog post](https://www.anthropic.com/news/automate-security-reviews-with-claude-code) mentions that the security review can detect the following bug classes:

- SQL injection risks
- Cross-site scripting (XSS) vulnerabilities
- Authentication and authorization flaws
- Insecure data handling
- Dependency vulnerabilities

The [prompt here](https://github.com/anthropics/claude-code-security-review/blob/main/.claude/commands/security-review.md?plain=1) has no mentions of dependency vulnerabilities and the `/security-review` command doesn't seem to detect (rightly so) any 3rd party issues for me. Is there plans on updating the prompt? or Is the expectation for us to modify this per project?



Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Update the security review command to identify Dependency Issues #31

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Update the security review command to identify Dependency Issues #31

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions