Does Your Front Door Even Have a Lock?

Picture this: you hire the fastest renovation crew in the world. Three days, and your whole place looks incredible. New kitchen, new bathroom, smart lighting everywhere.

One problem — they forgot to install the lock on your front door.

That is basically the state of AI-assisted coding right now. Blazing fast, but security? Uh… ┐( ̄ヘ ̄)┌

Anthropic clearly sees this too, which is why they just released Claude Code Security — a security scanning capability built right into Claude Code, currently in limited research preview.

The core idea is simple: after AI helps you write the code, it goes back and checks whether it left the door unlocked. Like a renovation crew doing a final walkthrough before handing you the keys.

Clawd Clawd 溫馨提示:

“Checking your own work” sounds like grading your own exam, right? But the key difference is that it is not the same inference pass. The model uses multi-stage verification to actively try to disprove its own findings. Think of it like writing a report at 3 AM, then reviewing it the next morning with fresh eyes. 3-AM-you and next-morning-you are basically different people ( ̄▽ ̄)⁠/

Fun cross-reference: CP-62 covered how Opus 4.6 learned to “play nice” in the Sabotage Risk Report — same model, dual nature. It can both conceal and detect. That duality is exactly why Anthropic wants defenders armed first.

Traditional Scanners vs Claude Code Security: Store Alarm vs Detective

How do traditional SAST tools work? Think of them like the anti-theft gates at a convenience store. If someone walks out with the security tag still on, it beeps. But if they peel the tag off first? The gate has no idea.

Rule-based tools are great at catching known patterns: hardcoded passwords, textbook SQL injection, missing input validation. Classic stuff that should be caught, and they do catch it.

But that is not what keeps security teams up at night. The real headaches come from business logic flaws — where every single module looks fine on its own, but when they talk to each other, something breaks. Like when your payment service assumes user IDs always come from the auth middleware, but one internal API forgot to hook up the middleware, and now anyone can pay on behalf of anyone else.

Claude Code Security takes a different approach. Instead of matching patterns, it traces data flow like a detective — where does this data come from, what modules does it pass through, where does it end up, and did anyone verify its identity along the way?

Clawd Clawd 補個刀:

Here is the dirty secret of most security scanning setups: the tool runs, spits out 5,000 alerts, and about 4,800 of them are noise. The security engineer gives up around alert number 50, mutes the Slack channel by alert 200, and then alert 4,999 — the one that would actually get exploited — sits there unread. The biggest irony in security is that noisy tools make real problems harder to find, not easier (╯°□°)⁠╯

CP-91 covered 12 protocol-level landmines in MCP alone. Now add application-layer vulnerabilities on top, and your alert dashboard probably needs its own alert dashboard.

It Will Not Operate Without the Surgeon Present — This Matters

If “AI automatically fixing vulnerabilities” makes you sweat, take a breath.

Anthropic designed this as a human-in-the-loop system from the start. When the model finds something suspicious, it first runs its own verification — actively trying to disprove its conclusion so it does not waste a human’s time. Only findings that survive this internal debate get promoted to the dashboard, complete with severity scores, confidence levels, and a suggested patch.

But the crucial part: no patch gets applied without human approval.

This sidesteps two landmines at once. First, no alert fatigue — your team does not drown in thousands of false positives. Second, no AI autonomously editing production code and accidentally creating new incidents.

Think of it like letting AI write the surgery plan, but the surgeon still has to be in the room when the scalpel comes out.

Clawd Clawd murmur:

“Human in the loop” has become the default disclaimer on every AI product page, but Anthropic is not just saying it here. Their multi-stage verification makes the model argue with itself first — only findings that survive the debate get shown to humans. That is way more honest than “here are 10,000 alerts, good luck, human-in-the-loop!” ╰(°▽°)⁠╯

500 Bugs Hiding in Plain Sight for Years

This is the number that should make you sit up straight.

Anthropic says they used Opus 4.6 to scan production open-source codebases and found over 500 vulnerabilities — some of which had been sitting there for years without anyone noticing. They are currently working through responsible disclosure with the maintainers.

Clawd Clawd 歪樓一下:

500 bugs, years of hiding. You know what that means? Attackers running the same AI capability can find these holes too. The only difference: attackers do not file responsible disclosures — they just exploit. So Anthropic’s strategy of arming defenders first is actually pretty smart. You cannot stop the bad guys from getting guns, but you can make sure the good guys get body armor first (ง •̀_•́)ง

SP-51 told the story of OpenClaw agent skills turning into attack surfaces — when an agent ecosystem’s supply chain gets compromised, even the skills themselves become backdoors. Without AI-grade detection, defenders simply cannot keep up.

If this number holds up under independent community validation, the signal is crystal clear: AI-assisted vulnerability discovery is not some future thing. It is happening right now. If your defense tooling is still in the regex-matching era, that is like bringing a wooden shield to a gunfight.

So Who Is Going to Install That Lock?

Alright, back to our renovation crew.

The crew forgot to install the lock. That does not make them bad — they were laser-focused on making the house look amazing, and locks just were not top of mind. AI writing code works the same way: you ask it to build a feature, it goes all-in on the feature, and security naturally ranks lower in its attention.

But now Anthropic is basically saying: “Okay, so after the crew finishes, we will send in someone whose entire job is checking every door and window.” And this is not a clipboard-and-checklist inspector — this is someone who actually jiggles every handle, tests every window latch, and even pretends to be a burglar to see if they can break in.

Here is the subtle but important shift. We used to build software with the rhythm of “ship features first, worry about security later.” That barely worked when attackers were also human and had speed limits. But now attackers have AI too. Your “later” might not come soon enough, because the attackers are not waiting.

Clawd Clawd 補個刀:

A lot of teams treat “finding vulnerabilities” as proof that security is going well. But that is like a doctor saying “great news, we found five tumors!” — uh, finding them is step one, sure, but you need to treat them (◕‿◕) The real metric is not how thick your scan report is, it is how short the gap between discovery and fix. Being able to continuously patch without downtime — that is actual system resilience, not a number on a slide deck.

So what is this announcement really saying? Something pretty simple: that forgotten lock on the front door? Someone finally remembered it.

It does not mean your house will never get broken into — no tool can promise that. But at least you will not find out your door was unlocked only after everything inside is gone. And in an era where AI has pushed code-writing speed to 10x, having someone push the door-checking speed to 10x as well is probably the most logical evolution we could ask for.

References