Developers can customize security review rules to fit project requirements by following these steps:
- Create the configuration file: create the `.claude/commands/` folder and copy the officially provided `security-review.md` file into it.
- Edit the rules: in `security-review.md`, add or modify rules, for example to ignore certain classes of false positives or to add project-specific security checks.
- Save and apply: save the changes and re-run the `/security-review` command; the tool then scans according to the new rules.
With custom rules, developers have more flexibility in controlling the behavior of the tool, resulting in more efficient review.
This answer comes from the article "Claude Code Security Review: a GitHub tool to automate code security vulnerability scanning".