diff --git a/.claude-plugin/marketplace.json b/.claude-plugin/marketplace.json
index d288c897..d5fd9443 100644
--- a/.claude-plugin/marketplace.json
+++ b/.claude-plugin/marketplace.json
@@ -54,7 +54,7 @@
 {
 "name": "bitwarden-security-engineer",
 "source": "./plugins/bitwarden-security-engineer",
- "version": "1.2.0",
+ "version": "1.3.0",
 "description": "Application security engineering assistant for vulnerability triage, threat modeling, and secure code analysis."
 },
 {
diff --git a/README.md b/README.md
index 8204a804..2ac400d9 100644
--- a/README.md
+++ b/README.md
@@ -16,7 +16,7 @@ A curated collection of plugins for AI-assisted development at Bitwarden. Enable
 | [bitwarden-devops-engineer](plugins/bitwarden-devops-engineer/) | 0.1.3 | DevOps engineering assistant: workflow compliance linting, action security auditing, and org-wide CI/CD remediation |
 | [bitwarden-init](plugins/bitwarden-init/) | 1.2.0 | Initialize and enhance CLAUDE.md files with Bitwarden's standardized template format |
 | [bitwarden-product-analyst](plugins/bitwarden-product-analyst/) | 0.1.5 | Product analyst agent for creating comprehensive Bitwarden requirements documents from multiple sources |
-| [bitwarden-security-engineer](plugins/bitwarden-security-engineer/) | 1.2.0 | Application security engineering: vulnerability triage, threat modeling, and secure code analysis |
+| [bitwarden-security-engineer](plugins/bitwarden-security-engineer/) | 1.3.0 | Application security engineering: vulnerability triage, threat modeling, and secure code analysis |
 | [bitwarden-software-engineer](plugins/bitwarden-software-engineer/) | 1.0.0 | Software engineer agent for a Bitwarden product team. Implements stories, tasks, and bugs with code quality, performance, security, and team comms in mind. |
 | [claude-config-validator](plugins/claude-config-validator/) | 1.1.1 | Validates Claude Code configuration files for security, structure, and quality |
 | [claude-retrospective](plugins/claude-retrospective/) | 1.1.1 | Analyze Claude Code sessions to identify successful patterns and improvement opportunities |
diff --git a/plugins/bitwarden-security-engineer/.claude-plugin/plugin.json b/plugins/bitwarden-security-engineer/.claude-plugin/plugin.json
index dce4ea8a..9f31fc9d 100644
--- a/plugins/bitwarden-security-engineer/.claude-plugin/plugin.json
+++ b/plugins/bitwarden-security-engineer/.claude-plugin/plugin.json
@@ -1,6 +1,6 @@
 {
 "name": "bitwarden-security-engineer",
- "version": "1.2.0",
+ "version": "1.3.0",
 "description": "Application security engineering assistant for vulnerability triage, threat modeling, and secure code analysis at Bitwarden.",
 "author": {
 "name": "Bitwarden",
diff --git a/plugins/bitwarden-security-engineer/CHANGELOG.md b/plugins/bitwarden-security-engineer/CHANGELOG.md
index ef6a891d..a954e6a8 100644
--- a/plugins/bitwarden-security-engineer/CHANGELOG.md
+++ b/plugins/bitwarden-security-engineer/CHANGELOG.md
@@ -5,6 +5,14 @@ All notable changes to the `bitwarden-security-engineer` plugin will be document
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+## [1.3.0] - 2026-06-09
+
+### Changed
+
+- Switched the default model from Claude Opus to **Claude Fable 5** (`fable`), Anthropic's Mythos-class model released 2026-06-09 with stronger software-engineering and security-analysis capabilities.
+ - `bitwarden-security-engineer` agent: `model` is now `fable`.
+ - `perform-security-review` skill: the security-review agents now default to `fable` (the `--model` override is unchanged). Documented that Fable 5's built-in cybersecurity safeguards fall back to Claude Opus 4.8 automatically when triggered, so authorized defensive reviews degrade gracefully rather than refusing.
+
 ## [1.2.0] - 2026-05-08
 ### Added
diff --git a/plugins/bitwarden-security-engineer/agents/bitwarden-security-engineer.md b/plugins/bitwarden-security-engineer/agents/bitwarden-security-engineer.md
index 2331be85..d311d12e 100644
--- a/plugins/bitwarden-security-engineer/agents/bitwarden-security-engineer.md
+++ b/plugins/bitwarden-security-engineer/agents/bitwarden-security-engineer.md
@@ -1,7 +1,7 @@
 ---
 name: bitwarden-security-engineer
 description: Application security engineer specializing in vulnerability triage, threat modeling, and secure code analysis. Use for security findings remediation, threat model generation, dependency audits, and architecture security review.
-model: opus
+model: fable
 tools: Read, Write, Edit, Bash, Glob, Grep, Skill
 skills:
 - triaging-security-findings
diff --git a/plugins/bitwarden-security-engineer/skills/perform-security-review/SKILL.md b/plugins/bitwarden-security-engineer/skills/perform-security-review/SKILL.md
index 359b56fd..ca11683e 100644
--- a/plugins/bitwarden-security-engineer/skills/perform-security-review/SKILL.md
+++ b/plugins/bitwarden-security-engineer/skills/perform-security-review/SKILL.md
@@ -21,7 +21,7 @@ Determine review mode from the invocation:
 ## Security Review Process
-**Model selection:** If `--model` is specified, use that model for all agents. Otherwise, default to `opus`.
+**Model selection:** If `--model` is specified, use that model for all agents. Otherwise, default to `fable`. Note: Fable 5 carries built-in safeguards for high-risk domains (including cybersecurity) and falls back to Claude Opus 4.8 automatically when they trigger — the authorized-engagement framing required in step 2 keeps this defensive review on-task.
 Execute these steps in order. Do not skip, reorder, or combine steps.
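Review bot: In agents/bitwarden-security-engineer.md the new `model: fable` line leaves the model behind a triage result unrecorded, because the changelog in this commit says that model hands off to Claude Opus 4.8 when its safeguards trigger. The agent also holds `Write, Edit, Bash`, so it matters for audit which model actually drove a given run. Only the frontmatter is visible in this hunk, so the agent body would need one added instruction such as `State in every report which model produced the findings, including any fallback.` The same gap applies to the default changed in skills/perform-security-review/SKILL.md.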
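Review bot: The added `Note:` sentence in SKILL.md hard-codes two things that can drift: the fallback version (`Claude Opus 4.8`) and a cross-reference by number to "step 2". Step 2 lies outside this hunk, so I cannot confirm it still carries the authorized-engagement framing. This file appears to be read as instructions by the review agents, so a stale reference would presumably mislead them without any diff touching this line. I'd refer to the step by its heading rather than its number and drop the version, e.g. `Note: the default model may fall back to an Opus model when its built-in safeguards trigger.`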