Command reference ยท Claude Code
/security-review
Analyzes pending changes on the current branch for security vulnerabilities.
Checks the git diff for risks like injection, auth issues, and data leaks.
โ WHEN TO USE IT?
Before merging an auth/secrets feature
Before merging a branch that adds a new API endpoint handling user input, run /security-review to check the diff for injection and auth issues.
After adding payment/sensitive feature code
After payment logic or secret handling has been added to the current branch, run /security-review specifically before opening the PR.
โ WHEN NOT TO?
General code quality without a security focus
Per the docs, /security-review specifically checks for security risks like injection, auth issues, and data leaks โ not general cleanup.
Better: Use /simplify or /code-review for general quality/bugs.
SOURCES
- Claude Code Doku (offiziell) โ code.claude.com