FixVibe

// docs / security guides / claude code checklist

Чек-лист безопасности Claude Code: 26 пунктов

Claude Code (Anthropic's CLI agent) generates entire codebases via slash commands, manages multi-file refactoring, and reads/writes files through bash. This checklist targets Claude Code's specific risks: no default security policies, rate-limiting rarely added, <code>.claude/CLAUDE.md</code> as your security-guardrail file, and the risk of committing <code>.env</code> or cached tokens. 26 items across secrets, database, auth, headers, deployment, and Claude Code-specific gotchas.

PRE = pre-deploy (audit your source). DEPLOY = at deploy time. POST = post-deploy verification. Items reference FixVibe check IDs in category.check-id form where relevant.

Secrets and API keys (5 items)

Claude Code reads entire source trees and outputs whole files. Secrets in your context become secrets in the output.

  1. PRE — Create .claude/CLAUDE.md with security policies. Add: "Security Rules: Never inline service_role keys into client bundles. Always route sensitive operations through server-only endpoints. Verify that NEXT_PUBLIC_* env vars contain only safe values (no keys, no tokens)." Claude Code reads .claude/CLAUDE.md for project guidance.
  2. PRE — Ensure .env.local is in .gitignore. Claude Code may accidentally commit .env.local during a refactor. Run git ls-files .env* to check what's tracked. If .env.local is present, it's exposed.
  3. PRE — Audit generated API routes for env-var verification. Claude Code sometimes forgets to verify that process.env.SECRET exists server-side before using it. Routes should fail fast if an env var is missing, not fall through to a default.
  4. PRE — Check the .claude cache directory. Claude Code caches conversation context in .claude/cache or .claude/history. These files should not be committed. Add .claude/ to .gitignore.
  5. POST — Run secrets.browser-storage on the deployed app. If Claude Code inlined a key, the passive scan will find it in the rendered bundle.

Database access control (4 items)

Claude Code is excellent at generating schema, but RLS policies need explicit instruction.

  1. PRE — Instruct Claude Code on RLS in .claude/CLAUDE.md. Add: "Every migration must include ALTER TABLE ... ENABLE ROW LEVEL SECURITY and FORCE ROW LEVEL SECURITY. Every policy must validate the user's auth.uid()."
  2. PRE — Review generated migrations for FORCE ROW LEVEL SECURITY. Claude Code may generate ENABLE but forget FORCE. Without FORCE, table owners (the migration runner) bypass RLS. Manually add it if missing.
  3. DEPLOY — Test RLS enforcement after deploy. Open Supabase Studio, pick a table, confirm RLS toggle is ON. If Claude Code's migration used ENABLE without FORCE, the toggle will say ON but enforcement is incomplete.
  4. POST — Run the baas.supabase-rls active check. It attempts a write with the anon key. If it succeeds, RLS is incomplete. Add FORCE to the migration and redeploy.

Authentication and sessions (4 items)

Claude Code generates auth flows well but doesn't automatically add rate-limiting or verify all token claims server-side.

  1. PRE — Mandate server-only auth verification in .claude/CLAUDE.md. Add: "Every API route that mutates data must verify the user with await supabase.auth.getUser() on the server. Never trust getSession() or user ID from the request body."
  2. PRE — Check generated auth handlers for token expiry. Magic-link and password-reset tokens need server-enforced expires_at. Ask Claude Code: "Add a check that rejects tokens older than 1 hour."
  3. PRE — Verify sign-in redirect guards. The next param redirect must start with / and not //. Add to .claude/CLAUDE.md: "Validate the next parameter: must start with /, reject if it starts with // or contains a protocol."
  4. POST — Test logout clears cookies. Sign in, sign out, inspect Application → Cookies. The session cookie must be cleared. If it persists, the logout endpoint isn't destroying state.

HTTP headers and CSP (3 items)

Claude Code doesn't generate middleware by default unless you ask.

  1. PRE — Add middleware request to .claude/CLAUDE.md. Include: "Generate src/middleware.ts with Content-Security-Policy using a per-request nonce, HSTS, X-Frame-Options, and X-Content-Type-Options headers." Then ask Claude Code to implement it.
  2. PRE — Verify src/middleware.ts exists and has CSP. With Next.js src/ layout, middleware must be at src/middleware.ts, not the project root. Verify the CSP header includes 'strict-dynamic' and a nonce.
  3. POST — Run headers.security-headers on the deployed URL. The check reports missing headers and suggests fixes for your platform.

Deployment hygiene (4 items)

Claude Code doesn't configure your deployment platform — that's your responsibility, but worth checking.

  1. DEPLOY — Scope env vars per environment in Vercel (or equivalent). Settings → Environment Variables → assign each secret only to Production. Never share sk_live_* with Preview or Development.
  2. DEPLOY — Audit your CI workflow for secret echo. If GitHub Actions or another CI has echo $SECRET anywhere, remove it. Build logs are archived; secrets in logs are compromised.
  3. DEPLOY — Prefer platform-native secret storage. Vercel's Settings → Environment Variables is encrypted; GitHub Actions secrets are better than nothing but don't match platform-native storage.
  4. POST — Rotate any key that reached a public build. If a key appeared in a Vercel Preview URL or any public artifact for even seconds, it's compromised. Rotate immediately.

Claude Code-specific gotchas (5 items)

Patterns unique to Claude Code's architecture and workflows:

  1. Claude Code forks work into subagents. On large tasks, Claude Code may spawn multiple subagent instances, each with partial codebase context. If one subagent hallucinates a secret-safe pattern that another doesn't, inconsistency emerges. Review the final diff carefully.
  2. Bash operations are unverified. Claude Code executes bash commands directly. git commit -m "fix" is convenient, but if the working directory has a .env file and a glob includes it, it commits. Always review git diff --cached before Claude Code commits.
  3. Context window boundaries create gaps. If your codebase is large, Claude Code's context may split across multiple windows. One window's .env.local handling might differ from another's. Enforce the policy in .claude/CLAUDE.md and verify the output.
  4. Rate-limiting is almost never added without asking. Claude Code generates working CRUD but rarely includes rate-limiting headers or exponential backoff logic. Explicitly ask for it in .claude/CLAUDE.md.
  5. .claude/CLAUDE.md is read but not enforced. Claude Code reads your .claude/CLAUDE.md as a hint, not a constraint. If the hint conflicts with the task, Claude Code may ignore it. Always review the output.

Next steps

Check the general vibe coding security checklist for 44 cross-tool items, then see step-by-step hardening for deploy-time patterns. If you're also using Cursor, see the Cursor security checklist.

// scan your app

Хватит читать. Найдите бреши в своём приложении.

Drop in a URL — FixVibe runs every passive check from this guide plus 200+ others in under a minute. Free, no install, no card.

  • Free tier — 3 scans / month, no card.
  • Passive scans against any URL — no domain verification needed.
  • Tuned for Cursor, Claude Code, Lovable, Bolt, v0, Replit.
  • AI fix prompts on every finding — paste back into your IDE.
Запустить бесплатное сканирование

без регистрации

Чек-лист безопасности Claude Code: 26 пунктов — Docs · FixVibe