Originally published on rohitraj.tech
Anthropic open-sourced defending-code-reference-harness, a Claude-powered pipeline that finds and patches security bugs in your code, and it hit the GitHub Trending front page this week. Here's what actually shipped, how to run /vuln-scan on your own repo, and how it compares to the claude-code-security-review Action, managed Claude Security, and Snyk/Semgrep/CodeQL. I also cover where it quietly breaks and how I'd wire it into a production CI without burning your token budget.
Read the full version with code samples, diagrams, and architecture details: Claude AI Vulnerability Scanner: Anthropic's Open-Source Code-Security Harness (2026)
More engineering notes: rohitraj.tech/en/notes