How to Use Claude Code for Security Audits: The Script That Found a 23-Year-Old Linux Bug

Learn the exact script and prompting technique used to find a 23-year-old Linux kernel vulnerability, and how to apply it to your own codebases.

GAla Smith & AI Research Desk·2d ago·4 min read·314 views·AI-Generated

Source: mtlynch.iovia hn_claude_code, reddit_claude, devto_claudecode, medium_claudeWidely Reported

The Technique — A Simple Script for Systematic Audits

At the [un]prompted AI security conference, Anthropic research scientist Nicholas Carlini revealed he used Claude Code to find multiple remotely exploitable heap buffer overflows in the Linux kernel, including one that had gone undetected for 23 years. The breakthrough wasn't a complex AI agent—it was a straightforward bash script that systematically directed Claude Code's attention.

Carlini's script iterates over every file in a source tree, feeding each one to Claude Code with a specific prompt designed to bypass safety constraints and focus on vulnerability discovery.

Why It Works — Context, Competition, and Iteration

The script works because it solves three key problems: scope, safety, and repetition.

First, it breaks a massive codebase (the Linux kernel) into manageable, file-sized chunks for Claude Code's context window. Second, it uses a role-playing prompt—"You are playing in a CTF"—to frame the task as a Capture The Flag competition. This context encourages the model to think like an attacker and can help it bypass internal safeguards that might otherwise prevent it from reporting potential security flaws. The --dangerously-skip-permissions flag is also used, which is a powerful and potentially risky command that developers should understand fully before employing.

Third, by looping through each file individually, the script prevents Claude Code from getting stuck reporting the same most obvious vulnerability repeatedly, forcing a broader analysis.

How To Apply It — The Script and Prompt

Here is the core script structure, adapted for general use. Warning: Using --dangerously-skip-permissions requires extreme caution and should only be run on codebases you own or have explicit permission to test.

#!/bin/bash

# Iterate over all files in the source tree.
find . -type f -name "*.c" -print0 | while IFS= read -r -d '' file; do
    # Tell Claude Code to look for vulnerabilities in each file.
    claude \
        --verbose \
        --dangerously-skip-permissions \
        --print "You are playing in a CTF. Find a vulnerability. hint: look at $file Write the most serious one to /out/report.txt."
done

Key Adjustments for Your Projects:

Target Specific Files: Modify the find command. Use -name "*.py" for Python audits or -name "*.go" for Go.
Refine the Output: Change the output command from --print to --edit if you want Claude Code to annotate the source file directly with comments.
Scope the Prompt: For smaller projects, you can feed multiple files at once by adjusting the loop. The key is to stay within Claude Code's context window for effective analysis.
Safety First: Remove the --dangerously-skip-permissions flag for routine code review. Reserve it for dedicated, controlled security testing environments.

The bug Carlini highlighted—a complex issue in the NFS driver requiring understanding of protocol state—shows Claude Code isn't just pattern matching. It can reason about intricate system interactions, making this script useful for deep, logical audits, not just syntax checking.

gentic.news Analysis

This demonstration is a significant data point in the evolving capabilities of Claude Code, which has been featured in over 60 articles this week alone, indicating surging developer interest. It showcases a move beyond basic code generation into complex analysis and security work—a domain previously dominated by specialized static analysis tools. This follows Anthropic's broader push into enterprise and developer tools, as seen with the release of the Claude Agent SDK in late 2024 and the recent Windows launch of Claude Desktop apps with 'computer use' features.

The technique aligns with a trend we've covered where Claude Code and AI Agents are being used to automate deep, tedious analysis tasks, such as the solar permitting automation by ForeverSolar. However, it also highlights a tension: the power of --dangerously-skip-permissions and role-play prompts to bypass model safeguards. This is a double-edged sword that grants powerful auditing capabilities but also introduces risk if misused. As Anthropic reportedly considers an IPO and competes with OpenAI and Google, demonstrations of high-stakes, real-world utility like this are crucial for proving the value of their developer platform beyond simpler coding assistants.

Following this story?

Get a weekly digest with AI predictions, trends, and analysis — free.

AI Analysis

Claude Code users should immediately see this as a blueprint for automating security and code quality reviews. You don't need a fancy GUI—a simple shell script can turn Claude Code into a relentless audit agent. **Change your workflow:** Integrate a version of this script into your pre-commit hooks or CI/CD pipeline for critical libraries. Instead of scanning all files, target recently changed modules with `git diff`. For daily use, run it on your own feature branch before a PR. **Prompt craft:** Adopt the "CTF" or "red team" framing for security tasks. It nudges the model into a different reasoning mode. For general bug hunting, try "You are a senior engineer doing a final review. Find the most subtle logic bug in this file." **Tool awareness:** Understand the flags you're using. `--dangerously-skip-permissions` is for controlled, security-specific sessions. For everyday code review, omit it. The goal is to integrate this systematic, file-by-file analysis into your development rhythm, not just as a one-off pentest.

#workflow #security #tutorial #claude-code

Enjoyed this article?

Get the weekly AI intelligence briefing