NEW: Claude Code Security — research preview

Master Cheatsheet

Quick reference for all AI coding tools

Claude Code

CLI Flags

  • claude "task" — run a task
  • claude -p "task" — plan mode (preview only)
  • --resume — resume last session
  • --from-pr 42 — load PR context
  • --effort high — hint task complexity
  • --fork-session ID — branch a session

Slash Commands

  • /plan — preview changes before execution
  • /batch — run parallel agents
  • /loop — agentic loop for complex tasks
  • /debug — interactive debugger
  • /simplify — 3-agent code review
  • /compact — compress history (use at 70%)
  • /clear — clear context (use at 90%)
  • /cost — show token usage & costs
  • /context — show active files & tools

Permission Modes — cycle with Shift+Tab

  • default — ask before each change
  • acceptEdits — auto-accept file edits
  • plan — show plan, no execution
  • auto — classify & decide automatically
  • bypassPermissions — unrestricted ⚠️

Anti-Patterns

  • ❌ Task without updated CLAUDE.md
  • ❌ Using /clear mid-implementation
  • ❌ Agent teams without checkpoints
  • ❌ Bypassing permissions in complex work

GitHub Copilot

Keyboard Shortcuts

  • Ctrl+Alt+I — open Chat view
  • Ctrl+Shift+I — switch to agent mode
  • Ctrl+I — inline chat in editor / terminal
  • Ctrl+Shift+Alt+L — Quick Chat
  • Tab — accept suggestion
  • Ctrl+→ — accept next word
  • Alt+] / Alt+[ — cycle suggestions
  • Esc — dismiss suggestion
  • F2 — AI-powered symbol rename

Slash Commands

  • /explain — explain selected code
  • /fix — fix code or linting error
  • /tests — generate tests
  • /doc — generate documentation
  • /new — scaffold new project / file
  • /plan — create implementation plan
  • /startDebugging — generate launch.json
  • /compact — summarize context

Context References (#)

  • #file — specific file
  • #folder — folder & its files
  • #codebase — semantic search across workspace
  • #selection — current editor selection
  • #changes — source control diff
  • #fetch — content from a URL

@-Participants

  • @github — repos, issues, PRs, code search
  • @terminal — shell commands & output
  • @vscode — settings, extensions, APIs

Cursor

Keyboard Shortcuts

  • Cmd/Ctrl+I — Composer (full)
  • Cmd/Ctrl+L — Chat sidebar
  • Cmd/Ctrl+K — inline edit / command bar
  • Cmd/Ctrl+Shift+L — ask about selection
  • Tab — accept Cursor Tab suggestion
  • Esc — reject / stop generation
  • Cmd/Ctrl+Shift+P — command palette
  • F12 — go to definition

@ Context Mentions

  • @filename.ts — specific file (<200 lines)
  • @src/folder/ — folder for patterns
  • @codebase — full repo index search
  • @instructions.md — always include this
  • @web "query" — live web search
  • #Context7 — versioned library docs (MCP)

Config Files

  • .cursor/rules/*.md — persistent rules
  • instructions.md — project context (every session)
  • .cursorignore — exclude from indexing
  • .cursor/mcp.json — MCP server config

Key Workflows

  • 📌 3-file rule: edit + pattern + types
  • 📌 Reset every 20 exchanges (context drift)
  • 📌 TDD+YOLO: write tests first, auto-iterate
  • 📌 Refactor incrementally — 1 step at a time
  • 📌 Commit before & after each session

Context Budget

  • Quick edit — ~2k tokens (1–2 files)
  • New feature — ~5k tokens (3-file rule)
  • Refactor — ~10k tokens
  • Architecture — ~50k tokens