There’s a security problem quietly building inside every codebase being shipped with AI assistance right now. It’s not that the code doesn’t work — it’s that it works while hiding vulnerabilities that neither the developer nor their tools are catching.
Agrici Daniel, the developer behind the open-source claude-ads tool we covered earlier this week, has built a companion tool that addresses this directly. It’s called claude-cybersecurity, and it runs eight specialist security agents against your codebase in parallel, with a single command, for free. The first time he ran it against his own code, it found 23 vulnerabilities he hadn’t spotted — including a critical SSRF flaw.
Why AI-Generated Code Has a Security Problem
The statistics from 2025 are hard to ignore. Veracode’s State of Software Security report, which analysed over 2.2 million applications, found that AI-generated code contains 2.74 times more security flaws than code written by humans. Separately, 45% of AI-generated code snippets introduce at least one OWASP Top 10 vulnerability. Researchers at Georgia Tech tracked 74 CVEs that originated directly from AI-generated code merged into open-source projects during 2024–2025.
The reason makes sense once you think about how these models are trained. They’ve seen millions of Stack Overflow answers, tutorials, and blog posts that use insecure patterns for the sake of simplicity. The model optimises for code that works, not code that’s secure. It will happily generate SQL queries with string concatenation, store secrets in plaintext, or skip input validation entirely — unless you explicitly ask otherwise.
Traditional static analysis tools weren’t designed for this. They catch patterns that human developers write. AI introduces different failure modes: hallucinated dependencies (packages that don’t exist, which attackers then register on npm or PyPI), overconfident crypto implementations that look correct but have subtle flaws, and insecure patterns lifted wholesale from training data without any understanding of why they’re dangerous.
claude-cybersecurity was built specifically to address this gap.
What It Does: One Command, Eight Agents
Running /cybersecurity in Claude Code kicks off a four-phase process that takes minutes on a medium-sized codebase. Eight specialist agents launch in parallel, each focused on a specific security domain, each carrying its own detection rules, reference data, and false-positive suppression logic tuned to specific frameworks.
Here’s what each agent covers:
- Vulnerability Scanner (20% weight) — The heaviest agent. Performs taint analysis, tracks data flow from user inputs to dangerous sinks, and maps findings against both the OWASP Top 10:2025 and CWE Top 25:2024 catalogs. Catches injection flaws, XSS, deserialisation issues, and path traversal vulnerabilities.
- Auth Reviewer (15%) — Focuses exclusively on authentication and authorisation. Looks for IDOR (Insecure Direct Object Reference) patterns, privilege escalation paths, broken session management, and missing access controls — the “forgot to check permissions” bugs that are especially common in AI-generated code.
- Threat Intelligence (15%) — Scans for indicators of compromise: malware signatures, backdoor patterns, command-and-control communication channels, and known attack techniques mapped to the MITRE ATT&CK framework. This is the agent that would flag obfuscated malicious payloads in a dependency or code snippet.
- Secrets Detection (10%) — Goes beyond regex-based scanning. Uses semantic analysis to find obfuscated credentials, hardcoded tokens disguised as configuration values, and secrets that have been base64 encoded or split across multiple variables. Traditional secret scanners miss these regularly.
- Dependency Auditor (10%) — Handles supply chain security. Checks for known vulnerable dependencies, typosquatting, and slopsquatting — packages that AI models hallucinate into existence and that attackers then register on npm or PyPI. A growing attack vector that most teams aren’t monitoring.
- IaC Scanner (10%) — Audits infrastructure-as-code: Terraform configurations, Dockerfiles, Kubernetes manifests, and GitHub Actions workflows. Catches overly permissive IAM policies, unpinned action versions, exposed ports, and insecure container configurations.
- AI Code Reviewer (10%) — Specifically targets patterns common in AI-generated code. Hallucinated dependencies, copy-pasted insecure patterns from training data, overconfident crypto implementations, and the characteristic “looks right but is subtly broken” code that LLMs produce. This agent exists because AI code has different failure modes than human code.
- Business Logic Analyzer (10%) — Looks for race conditions, TOCTOU (Time of Check to Time of Use) bugs, improper state machine transitions, and logic flaws that pattern matching alone can’t detect. These are the vulnerabilities hardest to find with traditional SAST tools because they require understanding what the application is actually supposed to do.
The GARE Architecture
The four phases underlying the tool are called GARE: Gather, Analyse, Recommend, Execute. It’s the same orchestration pattern used in enterprise security products, adapted to run entirely within Claude Code’s execution environment — locally, with no data leaving your machine.
Phase 1 (Gather) scans the project to detect languages, frameworks, and infrastructure. It enumerates entry points (API routes, form handlers, CLI interfaces), maps trust boundaries (where user input enters the system), and performs a STRIDE threat model. This context is passed to every agent so they know what they’re looking at before they start.
Phase 2 (Analyse) dispatches all eight agents in parallel. Each receives the gathered context plus its own domain-specific reference files, and returns a list of tagged findings (VULN-001, VULN-002, etc.) with severity scores, confidence levels, affected file locations, and suggested fixes.
Phase 3 (Recommend) aggregates findings across all agents, deduplicates overlapping issues, chains related vulnerabilities into attack paths, and maps everything against your chosen compliance framework — PCI DSS, HIPAA, SOC 2, GDPR, or NIST 800-53. The output is a prioritised remediation queue ordered by risk.
Phase 4 (Execute) produces the final report: overall security score, letter grade, every finding with severity and confidence, and specific code-level fix suggestions. You can ask Claude Code to apply fixes directly, or export the report for your team.
Real Results: From 62/100 to 90/100
The most compelling demonstration of the tool is what happened when Daniel pointed it at his own claude-ads codebase. He expected a clean result. Instead, the initial score came back at 62/100 — a D grade — with 23 vulnerabilities across five categories.
The most serious finding was a Server-Side Request Forgery (SSRF) vulnerability in the API integration layer. The code was accepting user-provided URLs for webhook callbacks without validating the destination, which would allow an attacker to make the server send requests to internal services. The agent flagged it as CRITICAL with HIGH confidence and provided the exact fix: URL validation with an allowlist of permitted domains.
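The allowlist fix described above, as an added example that is not code from claude-ads or claude-cybersecurity. The allowlisted hosts and the sample URLs are constructed; the check rejects non-https schemes, embedded credentials, IP literals, non-default ports and any host not exactly on the list.

```python
"""Allowlist validation for user-supplied webhook callback URLs (SSRF fix).

Added example, not the project's own code. ALLOWED_HOSTS is a constructed
allowlist standing in for whatever domains the service is meant to call.
"""
import ipaddress
from urllib.parse import urlsplit

ALLOWED_HOSTS = {"hooks.example.com", "api.partner.example"}  # constructed
ALLOWED_SCHEMES = {"https"}


def is_allowed_webhook_url(url: str) -> bool:
    """Return True only if every part of the URL passes the allowlist.

    Subdomains of allowed hosts are rejected too: a wildcard match would let
    an attacker-controlled subdomain through, which is still a SSRF path.
    """
    try:
        parts = urlsplit(url.strip())
    except ValueError:  # malformed netloc, e.g. bad IPv6 brackets
        return False
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False
    # "https://hooks.example.com@evil.example/" parses with hostname evil.example;
    # rejecting any userinfo closes that class of parser-confusion tricks.
    if parts.username is not None or parts.password is not None:
        return False
    host = parts.hostname  # lowercased, IPv6 brackets already stripped
    if not host:
        return False
    host = host.rstrip(".")  # "hooks.example.com." is the same host
    try:
        ipaddress.ip_address(host)
        return False  # IP literals (127.0.0.1, 169.254.169.254, ::1) never pass
    except ValueError:
        pass
    try:
        if parts.port not in (None, 443):
            return False
    except ValueError:  # non-numeric port
        return False
    return host in ALLOWED_HOSTS
```

This check runs before any request is made and does not resolve DNS; pairing it with a check on the resolved address at connect time covers an allowlisted name that later resolves to an internal range.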
The IaC agent found that GitHub Actions workflows were using unpinned action versions — specifying actions/checkout@v4 rather than pinning to a specific commit SHA. A tag like v4 is a mutable reference that the action’s maintainers, or anyone who compromises their repository, can move to different code, so a compromised action could inject malicious code into the CI pipeline at any point. The fix was pinning every action to its full commit SHA, which cannot be moved.
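A minimal form of that pinning check, as an added example rather than the tool's own scanner. The workflow text is constructed, and the 40-hex value in it is a placeholder, not a real commit.

```python
"""Flag GitHub Actions steps that reference an action by tag or branch
instead of a full commit SHA. Added example, not claude-cybersecurity code.
"""
import re

# Constructed sample workflow: two unpinned remote actions, one pinned
# (placeholder SHA), one local action and one docker image.
SAMPLE_WORKFLOW = """\
name: ci
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@0123456789abcdef0123456789abcdef01234567 # v4 (placeholder SHA)
      - uses: ./.github/actions/local-step
      - uses: docker://alpine:3.19
      - uses: some-org/release-tool@main
"""

# [ \t]* rather than \s* so a match never spans lines (keeps line numbers right).
USES_RE = re.compile(r"^[ \t]*-?[ \t]*uses:[ \t]*(?P<ref>\S+)", re.MULTILINE)
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")


def find_unpinned_actions(workflow_text: str) -> list[dict]:
    """Return one finding per remote action whose ref is not a 40-hex commit SHA.

    Local actions (./path) and docker:// images are skipped: they are pinned
    by other means (repository contents, image digest).
    """
    findings = []
    for match in USES_RE.finditer(workflow_text):
        ref = match.group("ref")
        if ref.startswith("./") or ref.startswith("docker://"):
            continue
        action, _, version = ref.partition("@")
        if FULL_SHA_RE.match(version):
            continue
        findings.append({
            "line": workflow_text.count("\n", 0, match.start()) + 1,
            "action": action,
            "ref": version or "(none)",
            "fix": f"pin {action} to its full commit SHA; keep the tag in a trailing comment",
        })
    return findings


if __name__ == "__main__":
    for f in find_unpinned_actions(SAMPLE_WORKFLOW):
        print(f"line {f['line']}: {f['action']}@{f['ref']} -> {f['fix']}")
```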
The tool also flagged the absence of automated security scanning in the CI pipeline itself. With no CodeQL scanning or dependency review as required checks, vulnerabilities could be merged without any automated gate. After applying all 23 fixes and re-running the audit, the score jumped to 90/100, and the changes shipped in the v1.5.1 patch release.
How the Scoring Works
Every finding gets a severity score calculated from four factors: base severity (mapped from CVSS), confidence level, exploitability, and contextual modifiers. The overall score is a weighted aggregate of all eight agent scores, using the weights assigned to each agent.
There are five severity tiers — CRITICAL (90–100), HIGH (70–89), MEDIUM (40–69), LOW (20–39), and INFO (0–19) — and four confidence tiers. Confidence directly scales a finding’s impact on your score: a LOW-confidence CRITICAL finding doesn’t tank your grade the way a HIGH-confidence one does.
The most important feature of the scoring system is the auto-CRITICAL gate. If any single finding scores 90 or above with HIGH confidence, the overall project score is automatically capped at 69 (a C grade), regardless of how well everything else scores. This prevents a project from earning an A while harbouring a known critical vulnerability. Critical issues have to be fixed first — the score won’t improve until they are.
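A worked version of the scoring rules above, as an added example and not the tool's own implementation. The agent weights, severity tiers and the cap at 69 come from the article; the confidence multipliers and the "100 minus weighted penalty" per-agent formula are assumptions, since the article only says that confidence scales a finding's impact.

```python
"""Weighted agent aggregate plus the auto-CRITICAL gate. Added example;
AGENT_WEIGHTS, SEVERITY_TIERS and AUTO_CRITICAL_CAP follow the article,
CONFIDENCE_FACTOR and agent_score() are assumed for illustration.
"""
AGENT_WEIGHTS = {
    "vulnerability_scanner": 0.20, "auth_reviewer": 0.15, "threat_intelligence": 0.15,
    "secrets_detection": 0.10, "dependency_auditor": 0.10, "iac_scanner": 0.10,
    "ai_code_reviewer": 0.10, "business_logic": 0.10,
}
SEVERITY_TIERS = [(90, "CRITICAL"), (70, "HIGH"), (40, "MEDIUM"), (20, "LOW"), (0, "INFO")]
CONFIDENCE_FACTOR = {"HIGH": 1.0, "MEDIUM": 0.6, "LOW": 0.3, "INFO": 0.1}  # assumed
AUTO_CRITICAL_CAP = 69


def severity_tier(score: float) -> str:
    """Map a 0-100 finding score to its tier (lower bound inclusive)."""
    for lower, name in SEVERITY_TIERS:
        if score >= lower:
            return name
    return "INFO"


def agent_score(findings: list[tuple[float, str]]) -> float:
    """Assumed per-agent formula: 100 minus each finding's score scaled by confidence."""
    penalty = sum(score * CONFIDENCE_FACTOR[conf] for score, conf in findings)
    return max(0.0, 100.0 - penalty)


def project_score(findings_by_agent: dict[str, list[tuple[float, str]]]) -> tuple[float, bool]:
    """Weighted aggregate of the eight agent scores, then the auto-CRITICAL gate.

    Agents with no findings score 100. If any finding is CRITICAL (>= 90) with
    HIGH confidence the project score is capped at 69, however clean the rest
    is. Returns (score, gate_tripped).
    """
    total = sum(weight * agent_score(findings_by_agent.get(agent, []))
                for agent, weight in AGENT_WEIGHTS.items())
    gate_tripped = any(severity_tier(score) == "CRITICAL" and conf == "HIGH"
                       for findings in findings_by_agent.values()
                       for score, conf in findings)
    return (min(total, AUTO_CRITICAL_CAP), True) if gate_tripped else (total, False)
```

With these numbers a single HIGH-confidence finding at 95 on an otherwise clean project aggregates to 81 but is gated down to 69, while the same finding at LOW confidence scores 94.3 with no cap, which is the behaviour the two paragraphs above describe.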
Coverage: Languages, Standards, and Frameworks
The tool covers the OWASP Top 10:2025 in full, including the two new categories added in the 2025 edition: A03 (Software and Data Integrity / Supply Chain) and A10 (Exceptional Conditions). It also covers all 25 entries in the CWE Top 25:2024, with dedicated detection logic for each, and maps findings to seven MITRE ATT&CK techniques.
Language support spans 11 languages: Python, JavaScript/TypeScript, Java, Go, Rust, C/C++, Ruby, PHP, C#, Swift/Kotlin, and shell scripts. The tool auto-detects which languages are present and loads the appropriate rules. Framework-aware false-positive suppression is available for ten major frameworks including Django, FastAPI, Express, React, Spring Boot, Rails, and ASP.NET Core, plus seven ORMs — which matters a lot in practice, since tools that don’t understand your framework tend to generate noise that developers start ignoring.
How It Compares to GitHub Advanced Security
GitHub Advanced Security (GHAS) is the natural comparison point. It’s a solid enterprise product with tight GitHub integration, automatic CI scanning on every pull request, and CodeQL analysis. But it costs $49 per committer per month, which adds up quickly for any meaningful team size.
Beyond cost, there are genuine capability gaps. GHAS supports 9 languages to claude-cybersecurity’s 11. It doesn’t include business logic analysis, AI-specific code checks, or MITRE ATT&CK mapping. Its IaC scanning is limited compared to the dedicated IaC Scanner agent. And it doesn’t map findings to compliance frameworks.
The practical answer for most teams is probably both. GHAS excels at automated CI gates — catching issues before they’re merged. claude-cybersecurity is better for periodic deep audits, pre-release security reviews, and auditing codebases that weren’t written with security tooling in mind from the start. And since claude-cybersecurity is free, adding it to an existing workflow has no cost barrier.
Installation
Installation takes about 30 seconds:
One-liner:
curl -fsSL https://raw.githubusercontent.com/AgriciDaniel/claude-cybersecurity/main/install.sh | bash
Manual:
git clone https://github.com/AgriciDaniel/claude-cybersecurity.git
cp -r claude-cybersecurity/.claude/skills/cybersecurity your-project/.claude/skills/
Once installed, the main commands are:
# Full security audit
/cybersecurity
# Audit a specific directory
/cybersecurity src/
# Quick scan (faster, fewer checks)
/cybersecurity --scope quick
# Audit with compliance mapping
/cybersecurity --compliance soc2
# Scan only changed files (useful for PRs)
/cybersecurity --scope diff
No external dependencies. No API keys. No configuration files. The tool works with any project Claude Code can read, all analysis runs locally, and no code leaves your machine. It’s MIT licensed with no usage limits.
The Bigger Picture
The uncomfortable reality of the current AI coding moment is that speed and security are pulling in opposite directions. AI tools make it genuinely faster to ship working code. But “working” and “secure” are not the same thing, and the velocity gains from AI assistance can quietly accumulate security debt faster than traditional review processes can catch it.
Tools like claude-cybersecurity exist in that gap. They don’t slow you down — a full audit on a medium codebase takes minutes. What they do is give you visibility into the security implications of code that was written fast, at scale, with a tool that optimises for correctness over security. That visibility is increasingly non-optional for anything shipping to production.
The project is on GitHub at AgriciDaniel/claude-cybersecurity. Worth running before your next release.