Claude's New Security Shield: How Anthropic Is Hardening AI-Generated Code

Supported managed providers at launch include Cloudflare, Daytona, Modal, and Vercel, though the feature requires an explicit beta header on API calls and isn't yet available on AWS deployments .

Security-Guidance Plugin: A Security Reviewer Inside the Terminal

The second release is a free security-guidance plugin for Claude Code that acts as an on-the-fly vulnerability scanner. Once installed from the official marketplace, the plugin hooks into Claude's write, edit, and multi-edit operations, scanning code for dangerous patterns before changes are applied . If it finds something, it can help Claude fix the issue within the same session—no separate security tool or additional commands required .

According to release documentation, the plugin catches roughly 25 risky code patterns using regex-based matching, covering vulnerabilities like command injection in GitHub Actions workflows, unsafe child_process.exec() calls, eval() and

new Function()

Anthropic reported seeing a 30–40% decrease in security-related comments on pull requests after using the plugin internally, positioning it as an effective lightweight first pass before human review . Importantly, the plugin runs automatically during development sessions—developers don't need to remember to turn it on or launch a separate scan .

The Bigger Picture: Three Layers of Claude Security

These two releases aren't standalone experiments. They’re the latest in a concentrated security push Anthropic has been rolling out since early 2026:

• February 2026: Anthropic launched Claude Code Security as a limited research preview, letting Claude scan entire codebases for vulnerabilities and suggest patches .
• April 30, 2026: That research preview graduated into Claude Security, a full public-beta product for Enterprise customers powered by Claude Opus 4.7 . It reasons across codebases like a human security researcher—tracing data flows, examining component interactions, and generating targeted patches—and reportedly found over 500 production vulnerabilities during its private preview .
• May 2026 (Code with Claude): Anthropic added the self-hosted sandbox, MCP tunnels, and the security-guidance plugin, focusing on developer-facing, real-time protection .

Taken together, the strategy addresses security at three distinct layers. The self-hosted sandbox provides infrastructure isolation, ensuring agent execution stays within a team’s controlled perimeter. The security-guidance plugin delivers code-level prevention, intercepting dangerous patterns as they are written. And Claude Security offers codebase-wide auditing, scanning entire repositories for deep, context-dependent vulnerabilities that pattern-matching tools typically miss . For enterprises already building with Claude’s coding tools, the message is clear: Anthropic is betting that AI-powered development won't take off unless AI-powered security ships alongside it.