bitwarden · withinfocus · Jun 9, 2026
@@ -54,7 +54,7 @@
     {
       "name": "bitwarden-security-engineer",
       "source": "./plugins/bitwarden-security-engineer",
-      "version": "1.2.0",
+      "version": "1.3.0",
       "description": "Application security engineering assistant for vulnerability triage, threat modeling, and secure code analysis."
     },
     {

@@ -16,7 +16,7 @@ A curated collection of plugins for AI-assisted development at Bitwarden. Enable
 | [bitwarden-devops-engineer](plugins/bitwarden-devops-engineer/)     | 0.1.3   | DevOps engineering assistant: workflow compliance linting, action security auditing, and org-wide CI/CD remediation                                         |
 | [bitwarden-init](plugins/bitwarden-init/)                           | 1.2.0   | Initialize and enhance CLAUDE.md files with Bitwarden's standardized template format                                                                        |
 | [bitwarden-product-analyst](plugins/bitwarden-product-analyst/)     | 0.1.5   | Product analyst agent for creating comprehensive Bitwarden requirements documents from multiple sources                                                     |
-| [bitwarden-security-engineer](plugins/bitwarden-security-engineer/) | 1.2.0   | Application security engineering: vulnerability triage, threat modeling, and secure code analysis                                                           |
+| [bitwarden-security-engineer](plugins/bitwarden-security-engineer/) | 1.3.0   | Application security engineering: vulnerability triage, threat modeling, and secure code analysis                                                           |
 | [bitwarden-software-engineer](plugins/bitwarden-software-engineer/) | 1.0.0   | Software engineer agent for a Bitwarden product team. Implements stories, tasks, and bugs with code quality, performance, security, and team comms in mind. |
 | [claude-config-validator](plugins/claude-config-validator/)         | 1.1.1   | Validates Claude Code configuration files for security, structure, and quality                                                                              |
 | [claude-retrospective](plugins/claude-retrospective/)               | 1.1.1   | Analyze Claude Code sessions to identify successful patterns and improvement opportunities                                                                  |

@@ -1,6 +1,6 @@
 {
   "name": "bitwarden-security-engineer",
-  "version": "1.2.0",
+  "version": "1.3.0",
   "description": "Application security engineering assistant for vulnerability triage, threat modeling, and secure code analysis at Bitwarden.",
   "author": {
     "name": "Bitwarden",

@@ -5,6 +5,14 @@ All notable changes to the `bitwarden-security-engineer` plugin will be document
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [1.3.0] - 2026-06-09
+
+### Changed
+
+- Switched the default model from Claude Opus to **Claude Fable 5** (`fable`), Anthropic's Mythos-class model released 2026-06-09 with stronger software-engineering and security-analysis capabilities.
+  - `bitwarden-security-engineer` agent: `model` is now `fable`.
+  - `perform-security-review` skill: the security-review agents now default to `fable` (the `--model` override is unchanged). Documented that Fable 5's built-in cybersecurity safeguards fall back to Claude Opus 4.8 automatically when triggered, so authorized defensive reviews degrade gracefully rather than refusing.
+
 ## [1.2.0] - 2026-05-08
 
 ### Added

@@ -1,7 +1,7 @@
 ---
 name: bitwarden-security-engineer
 description: Application security engineer specializing in vulnerability triage, threat modeling, and secure code analysis. Use for security findings remediation, threat model generation, dependency audits, and architecture security review.
-model: opus
+model: fable
 tools: Read, Write, Edit, Bash, Glob, Grep, Skill
 skills:
   - triaging-security-findings

@@ -21,7 +21,7 @@ Determine review mode from the invocation:
 
 ## Security Review Process
 
-**Model selection:** If `--model` is specified, use that model for all agents. Otherwise, default to `opus`.
+**Model selection:** If `--model` is specified, use that model for all agents. Otherwise, default to `fable`. Note: Fable 5 carries built-in safeguards for high-risk domains (including cybersecurity) and falls back to Claude Opus 4.8 automatically when they trigger — the authorized-engagement framing required in step 2 keeps this defensive review on-task.
 
 Execute these steps in order. Do not skip, reorder, or combine steps.