Does Claude write secure code?

Claude tends to incorporate more security considerations into its generated code than some competitors, often including input validation, error handling, and secure defaults when prompted. However, Claude can still produce code with vulnerabilities, especially in complex scenarios involving multi-step authentication flows, race conditions, or nuanced authorization logic. The model may also generate code that is secure in isolation but becomes vulnerable when integrated into a larger application with different trust boundaries. Security depends heavily on the specificity of the prompt and the complexity of the requirement. UNPWNED scans the deployed application to catch vulnerabilities regardless of which AI model generated the underlying code.