List of AI News about static analysis
| Time | Details |
|---|---|
| 2026-02-20 22:24 | Claude Code Security Launch: Anthropic’s AI Finds Vulnerabilities and Suggests Patches — Early Analysis for 2026 Enterprise AppSec<br>According to @bcherny on X, Anthropic is rolling out Claude Code Security as a limited research preview for Team and Enterprise customers, after the tool surfaced "impressive (and scary)" security issues in internal testing. According to Anthropic’s announcement, the system scans entire codebases for vulnerabilities and proposes targeted software patches for human review, aiming to catch issues traditional static analysis tools miss, which could shorten remediation cycles and reduce mean time to resolve for AppSec teams. As reported by Anthropic, the launch prioritizes secure-by-default workflows where developers receive concrete diff-style patch suggestions and explanations, potentially improving developer adoption versus alert-only scanners and creating new opportunities for enterprise security platforms and MSSPs to integrate AI-assisted remediation. |
| 2026-02-11 21:38 | Claude Code Permissions Guide: How to Safely Pre-Approve Commands with Wildcards and Team Policies<br>According to @bcherny, Claude Code ships with a permission model that combines prompt injection detection, static analysis, sandboxing, and human oversight to control tool execution, as reported on Twitter and documented by Anthropic at code.claude.com/docs/en/permissions. According to the Anthropic docs, teams can run `/permissions` to expand pre-approved commands by editing allow and block lists and checking them into `settings.json` for organization-wide policy enforcement. According to @bcherny, full wildcard syntax is supported for granular scoping, for example `Bash(bun run *)` and `Edit(/docs/**)`, enabling safer automation while reducing friction for common developer workflows. According to the Anthropic docs, this approach helps enterprises standardize guardrails, mitigate prompt injection risks, and accelerate adoption of agentic coding assistants in CI, repositories, and internal docs. |