[Bug] Claude model auto-switches from selected model during security vulnerability analysis
Bug Description
Hi,
▎
▎ I'm building Rosoro, a B2B SaaS for construction subcontracting, and I'm currently running a pre-launch security audit
▎ and remediation on my own application (code I own).
▎
▎ This is authorized, defensive work: finding and fixing vulnerabilities in my own codebase (cross-tenant IDOR, stored
▎ XSS, DoS, vulnerable dependencies), including a multi-agent adversarial review that tries to break the fixes.
▎
▎ Issue: Fable 5 keeps auto-switching to Opus 4.8 throughout the session whenever the content involves "offensive"
▎ security analysis (looking for bypasses, exploitation paths), even though I had explicitly selected Fable 5 (+
▎ ultracode). The dual-use measures trigger on a fully legitimate use case (defensive security on my own product) and
▎ disrupt the workflow.
▎
▎ Suggestion: refine these measures so a clearly defensive, authorized context (working on one's own repo, fixing
▎ vulnerabilities) doesn't trigger the switch so aggressively — and ideally give more transparency about what triggered
▎ it, plus an option to stay on the chosen model in these cases.
▎
▎ Thanks.
Environment Info
- Platform: darwin
- Terminal: WarpTerminal
- Version: 2.1.173
- Feedback ID: 67c3e138-2803-4c24-b17a-1ea1e6631530
Errors
[]