Security code reviews slow down CI/CD pipelines. Reviewers rush to approve changes while trying to catch subtle vulnerabilities. Claude Code plus GitHub CLI gives you an AI assistant that reads pull requests, traces data flows, and flags security issues before they hit production.
Here's how to set it up.
High-Level Workflow
You invoke Claude Code, which uses GitHub CLI to fetch the PR, analyzes the diff for security issues, and delivers a structured findings report.
Setup: GitHub CLI
GitHub CLI (gh) connects Claude Code to GitHub's API so it can read pull requests, issues, and repository content.
Prerequisites
GitHub account with repository access
Claude Code CLI installed
Installation
brew install gh
gh auth loginVerify It Works
gh pr listYou should see your PRs listed.
Setup: security-code-audit Plugin
The security-code-audit plugin packages the security review workflow so you don't have to type it every time. It fetches the PR via GitHub CLI, analyzes the diff, traces data flows from sources to sinks, and outputs a structured report with severity ratings and recommendations.
Install the Plugin
claude plugin marketplace add mfakbar127/agent-skills
claude plugin install security-code-audit@mfakbar127-skillsUsage
use skills security-code-audit-mr to audit this PR https://github.com/kubernetes/ingress-nginx/pull/13374Demo: Reviewing a Real PR
Let's walk through a security review of an actual Kubernetes PR: kubernetes/ingress-nginx#13374.
The Pull Request
Field | Value |
|---|---|
Platform | GitHub |
URL | |
Number | #13374 |
Title | Validate external name services |
Author | crenshaw-dev |
Branches | main ← validate-external-name |
State | OPEN |
Files Changed | 4 |
+/- | +189 / -7 |
Running the Review
use skills security-code-audit-mr to audit this PR https://github.com/kubernetes/ingress-nginx/pull/13374
security-code-audit-mr skills loaded
Security Findings
CWE-287 · Low Severity
The PR introduces validation that prevents potential path traversal or authorization bypass through external name services. This is a defensive security improvement.
Location: internal/ingress/controller/store/store.go:638-641
The fix validates that external name services resolve to allowed hosts before proxying requests.
⚠️ PRE-EXISTING: Regex Metacharacter Injection
CWE-1333 · Medium Severity
Pre-existing issue (not introduced by this PR). Regex patterns are constructed using user-controlled values without proper escaping.
Location: internal/ingress/controller/store/store.go:585
Unescaped regex metacharacters in host patterns could cause denial of service or bypass scenarios.
Files Reviewed
File | Relevance | Findings |
|---|---|---|
| High | 2 |
| Medium | 0 |
| Low | 0 |
| Low | 0 |
Severity Breakdown
Severity | Count |
|---|---|
Critical | 0 |
High | 0 |
Medium | 1 (pre-existing) |
Low | 1 (positive fix) |
Info | 0 |
Verdict
APPROVED ✅
This PR improves security posture by adding validation for external name services. The pre-existing regex issue should be tracked separately.
Recommendations:
Merge this PR to fix the authorization bypass risk
File a follow-up issue for the regex metacharacter escaping
Consider adding integration tests for the new validation logic
This is where AI-assisted review earns its keep. Claude doesn't just scan for patterns—it understands the PR context, traces data flows, identifies whether issues are introduced or pre-existing, and provides actionable verdicts.
Next Steps
You now have automated security reviews for GitHub pull requests. The same approach works for architecture reviews, performance analysis, or compliance checks.
Subscribe to labs.secengai.com for more AI-powered security workflows.
Further Reading: