|
| 1 | +# Security Guidance |
| 2 | + |
| 3 | +A Claude Code plugin that provides real-time security warnings when editing files. It detects common vulnerability patterns and blocks unsafe changes before they're written. |
| 4 | + |
| 5 | +## Overview |
| 6 | + |
| 7 | +This plugin installs a `PreToolUse` hook that runs automatically when Claude uses `Edit`, `Write`, or `MultiEdit` tools. It scans file paths and content for known security anti-patterns and shows actionable warnings. |
| 8 | + |
| 9 | +Key features: |
| 10 | + |
| 11 | +- Detects 9 common vulnerability patterns across multiple languages |
| 12 | +- Blocks unsafe edits with clear remediation guidance |
| 13 | +- Session-scoped deduplication to avoid warning fatigue |
| 14 | +- Zero configuration required |
| 15 | + |
| 16 | +## Security Patterns |
| 17 | + |
| 18 | +| Pattern | Trigger | Risk | |
| 19 | +| --- | --- | --- | |
| 20 | +| **GitHub Actions Injection** | `${{ github.event.* }}` in workflow files | Command injection via untrusted inputs | |
| 21 | +| **child_process.exec** | `child_process.exec()`, `execSync()` | Shell injection | |
| 22 | +| **new Function** | `new Function(...)` | Code injection via dynamic evaluation | |
| 23 | +| **eval** | `eval(...)` | Arbitrary code execution | |
| 24 | +| **dangerouslySetInnerHTML** | `dangerouslySetInnerHTML` in React | Cross-site scripting (XSS) | |
| 25 | +| **document.write** | `document.write(...)` | XSS via DOM manipulation | |
| 26 | +| **innerHTML** | `.innerHTML =` | XSS via direct HTML injection | |
| 27 | +| **pickle** | `pickle.load()`, `pickle.loads()` | Arbitrary code execution during deserialization | |
| 28 | +| **os.system** | `os.system()` | Command injection in Python | |
| 29 | + |
| 30 | +## How It Works |
| 31 | + |
| 32 | +1. Claude attempts to edit or write a file |
| 33 | +2. The hook checks the file path and content against security patterns |
| 34 | +3. If a match is found, the hook **blocks the edit** (exit code 2) and displays a warning with recommended alternatives |
| 35 | +4. Warnings are shown once per file per pattern per session to reduce noise |
| 36 | + |
| 37 | +## Configuration |
| 38 | + |
| 39 | +The plugin is enabled by default. To disable it, set the environment variable: |
| 40 | + |
| 41 | +```bash |
| 42 | +export ENABLE_SECURITY_REMINDER=false |
| 43 | +``` |
| 44 | + |
| 45 | +## Requirements |
| 46 | + |
| 47 | +- Python 3 |
| 48 | + |
| 49 | +## License |
| 50 | + |
| 51 | +MIT |
| 52 | + |
| 53 | +## Author |
| 54 | + |
| 55 | +David Dworken (dworken@anthropic.com) |
0 commit comments