Comment by trueadm
4 months ago
Please can you create a Github issue with the security holes you've found? That would be greatly appreciated. I've given it a sweep and found nothing.
4 months ago
Please can you create a Github issue with the security holes you've found? That would be greatly appreciated. I've given it a sweep and found nothing.
Sibling's proposed approach is a recipe for false positives.
Consider Claude Code's new /security-review prompt or just use the prompt starting from "Objective" after giving the context (see the Git shell commands) to Claude Opus 4.1.
https://raw.githubusercontent.com/anthropics/claude-code-sec...
Definitely Opus 4.1 though, not lesser.
I suggest do both.
Make a minimal zip of the the source code only (cut out anything not source code) drop it into ChatGPT and say "analyse this code for security flaws".
Then ask it for more.
Then do the same this with Google AI studio - drop the zipfile in and ask it to analyse for security flaws.
If you already did so why not share the answers you got?