Medium LLM
8/10 signal
How Fable 5 found the SSRF in my phishing scanner
agenticreasoning
What happened
This case study shows how Anthropic's Fable 5 model, run via Claude Code at high effort ('/effort xhigh'), identified a Server-Side Request Forgery (SSRF) vulnerability and an LLM-budget-draining rate-limiting bug in a production phishing scanner. The scanner's original code, partially written by Claude 3.5 Sonnet, had passed standard validation tests but contained subtle bypasses that Fable 5's deep reasoning uncovered in 20 minutes.
Why it matters
Inference-time reasoning models can catch subtle, stateful security bugs that standard LLM coding assistants miss.
The take
This is a stellar, concrete example of high-effort reasoning models (Fable 5) outperforming standard coding assistants (Sonnet) in complex, adversarial tasks. It proves that allocating higher compute/reasoning budgets at inference time is highly effective for security audits and deep code reviews.
Do this
Integrate high-effort reasoning models (like Fable 5 or o1/o3) into your CI/CD pipeline or security review process specifically for adversarial testing of sensitive endpoints.