Enable the security-guidance plugin to catch and fix vulns in the same coding session
Claude Code Updates by Anthropic·high signal
Claude Code's security-guidance plugin (shipped in the v2.1.154 wave) reviews Claude's own code changes for vulnerabilities and fixes them before they land. It layers three checks: a fast pattern scan on every edit, a model review at the end of each turn, and a deeper agentic review on commit or push. This turns secure-coding review into an inline default rather than a separate CI gate.