Claude Code ships security-guidance plugin with repo-level claude-security-guidance.md rules

• Anthropic shipped a security-guidance plugin for Claude Code, available to all users through the plugin marketplace, according to ClaudeDevs' launch thread.
• In a follow-up post, ClaudeDevs' internal rollout note said Anthropic saw a 30 to 40 percent drop in security-related comments on PRs opened with the plugin.
• Teams can enforce their own rules with a claude-security-guidance.md file that lives in the repo or is distributed via MDM, per ClaudeDevs' policy file post and the linked security guidance docs.
• The launch lands next to Anthropic's broader push on agent containment, which AnthropicAI's engineering post framed around sandboxing and scoped permissions in How we contain Claude.

You can open the security guidance docs, browse Anthropic's broader containment write-up, and there is also a separate Claude for Securing Source Code reference implementation sitting next to the plugin rollout. The interesting bit is the shape of the product: marketplace install on one side, repo-local policy files on the other, with Anthropic positioning it as a first-pass security layer before human review.

Anthropic shipped the security-guidance plugin into Claude Code's /plugins marketplace, with the launch post pitching it as a way to identify and fix vulnerabilities while code is being written.

That makes this a workflow feature, not a separate scanning product. Wes Roth's demo clip shows the same marketplace framing, and the official security guidance docs are where Anthropic points users for setup.

In the only concrete outcome metric Anthropic has shared so far, ClaudeDevs said internal rollout plus benchmarks produced a 30 to 40 percent decrease in security-related comments on PRs opened using the plugin.

The same post says the plugin is meant to be a lightweight first pass that catches issues before full code review. That framing matters because Anthropic is describing fewer downstream review comments, not claiming the plugin replaces human review.

The most useful implementation detail is the policy file. According to ClaudeDevs, teams can add org-specific rules in claude-security-guidance.md, place it directly in the repo, or distribute it through MDM.

That gives the plugin two policy surfaces:

• Built-in security checks from Anthropic, per the launch thread
• Org-specific rules in claude-security-guidance.md, per the same post
• Central distribution via MDM, which ClaudeDevs called out explicitly

The linked security guidance docs are where Anthropic says the plugin enforces those policies alongside its default checks.

Earlier the same day, AnthropicAI published an engineering post arguing that agent access and permissions should evolve with model capability, and said Anthropic constrains its own products through sandboxing.

That post is broader than Claude Code, but it gives the plugin launch some context. Anthropic is tying coding-agent safety to scoped permissions, constrained execution, and review layers in How we contain Claude.

Separate from the marketplace plugin, scaling01's post pointed to a new Anthropic repo called "Claude for Securing Source Code," described as a reference implementation for autonomous vulnerability discovery with human-reviewed remediation.

That adds one more piece to the rollout: a plugin for in-editor guidance, plus a reference implementation for more autonomous security workflows. The repo mention is the clearest sign this launch is part of a larger push than a single marketplace add-on.