security-guidance
Security review plugin: pattern warnings on edits, LLM diff review on Stop, and an agentic commit reviewer for injection/XSS/SSRF/secrets.
🛡️ AgentReady threat assessment
MAESTRO 7-layer threat model + OWASP AIVSS risk score for security-guidance, derived from its capabilities.
AIVSS 4.0 · Medium
Overview
Anthropic's official security plugin for Claude Code. It adds a PostToolUse hook that pattern-matches edits for risky code, a Stop hook that runs an LLM-powered review of the session diff, and an agentic commit reviewer that flags command injection, XSS, SSRF, hardcoded secrets and 25+ other vulnerability classes. Its surface consists entirely of hooks plus a review agent that runs shell commands and LLM calls on edit and stop events.
Key features
- PostToolUse pattern-based security warnings on file edits
- LLM-powered diff review triggered on the Stop hook
- Agentic commit reviewer covering 25+ vulnerability classes
- Detects injection, XSS, SSRF, and hardcoded secrets
Use cases
- Catch insecure patterns in Claude-generated code before commit
- Automated security gate on every session's diff