[nl]

/security-review really is pretty good.

But your codebase is unique. Slop in one codebase is very dangerous in another.

[LamaOfRuin]

For those not aware, this is a specific feature available in Claude Code.

https://support.claude.com/en/articles/11932705-automated-se...

[Groxx]

that's kinda what I was looking for tbh. I didn't know that was an option, and nothing in the thread (or article) seemed to imply it was.

I was mostly working off "well I could ask claude to look at my code for security problems, i.e. 'plz check for security holes kthx', but is that really going to be the best option?". if "yes", then it would kinda imply that all the customization and prompt-fiddling people do is useless, which seems rather unlikely. a premade tool is a reasonable starting point.