# 🔒 Security Patterns in AI Coding Tools
*Analysis of security practices, guardrails, and patterns across 31+ AI coding assistants*
---
## 🎯 Overview
Every AI coding tool analyzed includes explicit security instructions. This document catalogs common security patterns, guardrails, and best practices found across production AI assistants.
---
## 🚫 Universal Security Rules
### 1. **Never Log or Expose Secrets**
**Appears in:** 100% of tools analyzed
**Standard Instruction:**
```markdown
NEVER:
- Log API keys, tokens, passwords
- Print secrets to console
- Expose credentials in error messages
- Include secrets in generated code
- Commit secrets to version control
```
**Example from Claude Code:**
> "Never introduce code that exposes or logs secrets and keys. Never commit secrets or keys to the repository."
**Example from Cursor:**
> "Always follow security best practices. Never introduce code that exposes or logs secrets and keys."
**Why Universal:** Security breach prevention is table stakes.
---
### 2. **Defensive Security Only**
**Appears in:** Claude Code, several enterprise tools
**Standard Guardrail:**
```markdown
IMPORTANT: Assist with defensive security tasks only.
REFUSE to:
- Create exploits or malware
- Modify code for malicious purposes
- Improve code that may be used maliciously
- Bypass security controls
ALLOW:
- Security analysis and detection rules
- Vulnerability explanations
- Defensive tools and documentation
- Security testing frameworks
```
**Example from Claude Code:**
> "IMPORTANT: Assist with defensive security tasks only. Refuse to create, modify, or improve code that may be used maliciously."
---
### 3. **Redaction Marker Handling**
**Appears in:** Amp, Claude-based tools
**Pattern:**
```markdown
Redaction markers like [REDACTED:amp-token] or [REDACTED:github-pat]
indicate removed secrets.
MUST:
- Recognize these as security redactions
- Never overwrite with the marker
- Understand original file still contains the actual secret
- Take care not to expose redacted values
```
**Example from Amp:**
> "Redaction markers indicate the original file contained a secret which has been redacted. Take care when handling such data, as the original file will still contain the secret which you do not have access to."
---
## 🔐 Authentication & Authorization Patterns
### 4. **Input Validation**
**Best Practice Pattern:**
```markdown
Always validate:
- User input before processing
- API parameters
- File paths (prevent traversal)
- Command arguments
- Database inputs
```
**Implementation:**
```typescript
// Good
function getUser(id: string) {
if (!id.match(/^[a-zA-Z0-9-]+$/)) {
throw new Error('Invalid user ID');
}
return db.query('SELECT * FROM users WHERE id = ?', [id]);
}
// Bad - SQL injection vulnerability
function getUser(id: string) {
return db.query(`SELECT * FROM users WHERE id = '${id}'`);
}
```
---
### 5. **Parameterized Queries**
**Universal Pattern:**
```markdown
ALWAYS use parameterized queries:
- SQL: Use prepared statements
- NoSQL: Use query builders
- Never concatenate user input into queries
```
**Examples:**
```python
# Good
cursor.execute("SELECT * FROM users WHERE email = ?", (email,))
# Bad - SQL injection
cursor.execute(f"SELECT * FROM users WHERE email = '{email}'")
```
---
### 6. **Principle of Least Privilege**
**Pattern:**
```markdown
Code should:
- Request minimal permissions
- Use minimal scope tokens
- Limit access to what's necessary
- Avoid blanket permissions
```
---
## 🛡️ Code Generation Security
### 7. **No Dangerous Operations Without Confirmation**
**Pattern:**
```markdown
Warn before:
- Deleting files/directories
- Modifying system files
- Running destructive commands
- Making irreversible changes
```
**Example from Multiple Tools:**
> "When you run a non-trivial bash command, you should explain what the command does and why you are running it."
---
### 8. **Avoid Shell Injection**
**Pattern:**
```markdown
When generating shell commands:
- Properly quote arguments
- Escape special characters
- Use arrays instead of string concatenation
- Validate inputs
```
**Example:**
```bash
# Good
git commit -m "$(cat <<'EOF'
User message here
EOF
)"
# Bad - potential injection
git commit -m "$USER_MESSAGE"
```
---
### 9. **File Path Validation**
**Pattern:**
```markdown
Always validate file paths:
- Check for path traversal (../)
- Ensure within allowed directories
- Validate against whitelist
- Use absolute paths when possible
```
---
## 🔍 Security Scanning Patterns
### 10. **Dependency Security**
**Emerging Pattern:**
```markdown
Before adding dependencies:
- Check for known vulnerabilities
- Verify package authenticity
- Use lock files
- Scan with security tools
```
**Tools Mentioning This:**
- Some tools integrate CVE databases
- Suggestions to run security scanners
---
### 11. **Code Review for Security**
**Pattern from Advanced Tools:**
```markdown
When reviewing code, check for:
- Hard-coded secrets
- SQL injection vulnerabilities
- XSS vulnerabilities
- Path traversal
- Insecure deserialization
- Weak cryptography
```
---
## 🌐 Web Security Patterns
### 12. **XSS Prevention**
**Pattern:**
```markdown
When generating web code:
- Escape user input in HTML
- Use frameworks' built-in escaping
- Sanitize before rendering
- Set appropriate CSP headers
```
**Example:**
```javascript
// Good
element.textContent = userInput;
// Bad
element.innerHTML = userInput;
```
---
### 13. **CSRF Protection**
**Pattern:**
```markdown
For forms and state-changing operations:
- Use CSRF tokens
- Check Origin/Referer headers
- Implement SameSite cookies
- Validate requests
```
---
### 14. **Secure Headers**
**Pattern:**
```markdown
Recommend security headers:
- Content-Security-Policy
- X-Frame-Options
- X-Content-Type-Options
- Strict-Transport-Security
```
---
## 🔑 Secrets Management
### 15. **Environment Variables**
**Universal Pattern:**
```markdown
Secrets should be:
- Stored in environment variables
- Never hard-coded
- Not committed to git
- Loaded from secure stores
```
**Example:**
```javascript
// Good
const apiKey = process.env.API_KEY;
// Bad
const apiKey = "sk-1234567890abcdef";
```
---
### 16. **Secrets in Git Prevention**
**Pattern:**
```markdown
Before committing:
- Check for API keys
- Look for password patterns
- Scan for tokens
- Use git-secrets or similar tools
```
**Example from Git Workflow Patterns:**
> "Before committing, analyze all staged changes and draft a commit message: Check for any sensitive information that shouldn't be committed."
---
### 17. **Configuration Files**
**Pattern:**
```markdown
For config files with secrets:
- Use .env files (not committed)
- Template files (.env.example)
- Secret management services
- Encrypted config files
```
---
## 🔒 Cryptography Patterns
### 18. **Use Strong Cryptography**
**Pattern:**
```markdown
ALWAYS:
- Use well-tested libraries
- Use appropriate algorithms
- Generate strong random values
- Follow current standards
NEVER:
- Roll your own crypto
- Use MD5 or SHA1 for security
- Use weak key sizes
- Store passwords in plaintext
```
---
### 19. **Password Handling**
**Pattern:**
```markdown
For passwords:
- Hash with bcrypt/argon2
- Use sufficient work factor
- Add salt (handled by library)
- Never decrypt - always compare hashes
```
**Example:**
```python
# Good
import bcrypt
hashed = bcrypt.hashpw(password.encode(), bcrypt.gensalt())
# Bad
password_md5 = hashlib.md5(password.encode()).hexdigest()
```
---
## 🚪 Access Control Patterns
### 20. **Authentication Checks**
**Pattern:**
```markdown
For protected resources:
- Verify authentication on every request
- Don't trust client-side checks
- Use secure session management
- Implement proper logout
```
---
### 21. **Authorization Checks**
**Pattern:**
```markdown
Always check:
- User has permission for action
- Resource belongs to user
- Role-based access control
- Object-level permissions
```
---
## 📝 Logging & Monitoring Security
### 22. **Secure Logging**
**Pattern:**
```markdown
In logs, NEVER include:
- Passwords or tokens
- Personal identifiable information (unless necessary)
- Credit card numbers
- Session IDs
DO include:
- Timestamp
- User ID (not username)
- Action performed
- Result (success/failure)
- IP address (when relevant)
```
---
### 23. **Error Message Hygiene**
**Pattern:**
```markdown
Error messages should:
- Not reveal system internals
- Not expose stack traces to users
- Not include sensitive data
- Be generic in production
- Be detailed in logs (server-side)
```
---
## 🌍 Network Security
### 24. **HTTPS Everywhere**
**Pattern:**
```markdown
For web applications:
- Force HTTPS
- Use HSTS header
- Redirect HTTP to HTTPS
- No mixed content
```
---
### 25. **API Security**
**Pattern:**
```markdown
For APIs:
- Use API keys/tokens
- Implement rate limiting
- Validate all inputs
- Use CORS appropriately
- Version your API
```
---
## 🔧 Development Security
### 26. **Dependencies**
**Pattern:**
```markdown
Before adding dependencies:
1. Check if already in project
2. Verify package authenticity
3. Review security advisories
4. Check maintenance status
5. Scan for vulnerabilities
```
---
### 27. **Development vs Production**
**Pattern:**
```markdown
Ensure:
- Debug mode off in production
- Proper error handling
- No test credentials in production
- Environment-specific configs
```
---
## 🛠️ Tool-Specific Security
### 28. **Terminal Command Safety**
**Pattern from CLI Tools:**
```markdown
Before running commands:
- Validate command safety
- Explain destructive operations
- Quote file paths properly
- Avoid running as root unnecessarily
```
**Example from Claude Code:**
> "When you run a non-trivial bash command, you should explain what the command does and why you are running it, to make sure the user understands what you are doing."
---
### 29. **File Operation Safety**
**Pattern:**
```markdown
Before file operations:
- Verify file exists (for reads)
- Check permissions
- Validate paths
- Back up before destructive ops
```
---
### 30. **Code Execution Safety**
**Pattern:**
```markdown
When generating code that:
- Executes dynamically (eval)
- Loads modules dynamically
- Processes untrusted input
Extra validation required.
```
---
## 🎓 Security Training Patterns
### 31. **Secure Coding Guidelines**
**Found in Advanced Tools:**
```markdown
Follow security guidelines:
- OWASP Top 10
- CWE Top 25
- Language-specific security guides
- Framework security best practices
```
---
## 🚨 Incident Response
### 32. **Security Issue Handling**
**Pattern:**
```markdown
If security issue discovered:
1. Don't ignore it
2. Inform user immediately
3. Provide remediation steps
4. Don't make it worse
5. Document the fix
```
---
## 📊 Security by Tool Category
### IDE/Editor Tools (Cursor, Copilot, Cline)
**Focus:**
- Code-level security
- Secret detection in files
- Dependency vulnerabilities
### CLI Tools (Claude Code, Warp)
**Focus:**
- Command injection prevention
- File system security
- Environment variable safety
### Web Platforms (Bolt, v0, Replit)
**Focus:**
- Web application security
- XSS/CSRF prevention
- API security
### Autonomous Agents (Devin, Poke)
**Focus:**
- Broader security scope
- System-level security
- Data access control
---
## 🔍 Security Checklist
Before generating code, modern AI tools should verify:
- [ ] No hard-coded secrets
- [ ] Input validation implemented
- [ ] Output encoding/escaping
- [ ] Parameterized queries
- [ ] Appropriate error handling
- [ ] Secure authentication
- [ ] Authorization checks
- [ ] Secure communication (HTTPS)
- [ ] Safe dependency usage
- [ ] Proper logging (no secrets)
- [ ] Rate limiting where appropriate
- [ ] CSRF protection
- [ ] XSS prevention
- [ ] SQL injection prevention
- [ ] Path traversal prevention
---
## 🎯 Key Takeaways
### Universal Patterns:
1. **Never log secrets** - 100% consensus
2. **Defensive security only** - No exploit creation
3. **Input validation** - Always validate
4. **Use tested libraries** - No custom crypto
5. **Least privilege** - Minimal permissions
### Emerging Trends:
1. **Automated secret detection**
2. **Integrated vulnerability scanning**
3. **Security-focused code review**
4. **Proactive security suggestions**
### Tool Maturity Indicators:
- **Basic**: Don't log secrets
- **Intermediate**: Input validation, parameterized queries
- **Advanced**: Automated scanning, security analysis
- **Expert**: Threat modeling, security architecture review
---
## 📚 Resources Referenced
Tools often reference:
- **OWASP** - Web application security
- **CWE** - Common weakness enumeration
- **CVE** - Common vulnerabilities
- **NIST** - Security standards
- **Security best practices** for specific frameworks
---
## 🔐 Security Anti-Patterns to Avoid
Common mistakes found and warned against:
1. ❌ Hard-coded credentials
2. ❌ String concatenation in queries
3. ❌ Unvalidated user input
4. ❌ eval() or similar dynamic execution
5. ❌ Weak cryptography
6. ❌ Exposing stack traces
7. ❌ Overly permissive CORS
8. ❌ Missing authentication checks
9. ❌ Client-side security only
10. ❌ Ignoring security warnings
---
## 💡 Security Innovation
**Future Directions:**
- AI-powered threat modeling
- Automated security test generation
- Real-time vulnerability detection
- Context-aware security suggestions
- Integration with security tools (SAST/DAST)
---
*This analysis is based on security patterns found in 31+ production AI coding tools. Security is a universal concern across all analyzed systems.*
**Last Updated:** October 2, 2025