Labsco
bitwarden logo

bitwarden-security-context

121

by bitwarden · part of bitwarden/ai-plugins

Bitwarden's security principles (P01-P06), security vocabulary, and data classification standards. Use when you need foundational security context for any…

🔥🔥✓ VerifiedFreeQuick setup
🔒 Repo-maintenance skill. It exists to help maintain bitwarden/ai-plugins itself — it's only useful if you contribute code to that project.

This is the playbook your agent receives when the skill activates — you don't need to read it to use the skill, but it's here to audit before installing.


name: bitwarden-security-context description: Bitwarden's security principles (P01-P06), security vocabulary, and data classification standards. Use when you need foundational security context for any Bitwarden development, review, or security task — such as understanding trust boundaries, data protection requirements, or Bitwarden-specific security terminology.

Bitwarden Security Context

Quick-reference for Bitwarden's foundational security framework. Use this for security context during development, code review, or security analysis without loading the full threat-modeling or architecture-review skills.

Security Principles (P01-P06)

These six principles form the foundation for all security decisions at Bitwarden.

PrincipleNameCore Guarantee
P01Servers are Zero KnowledgeBitwarden infrastructure cannot access unencrypted user data. The server must not enable weakening of user-chosen protections, masquerade server data as user-encrypted content, or access encrypted data outside the client context.
P02A Locked Vault is SecureHighly sensitive vault data cannot be accessed in plaintext once the vault is locked, even if the device is compromised after locking. Platform limitations (e.g., JS memory) are mitigated through buffer clearing and available security features.
P03Limited Security on Semi-Compromised DevicesFor unlocked vaults on devices with userspace malware (but intact OS/kernel), clients maximize kernel/OS-level protections and balance security with usability through controls like biometrics.
P04No Security on Fully Compromised SystemsBitwarden cannot guarantee vault protection when hardware or OS-level integrity is fully compromised. This applies to unlocked vaults only — locked vaults are covered by P02.
P05Controlled Access to Vault DataVault data, whether at rest or in use, is accessible only to authorized parties under the user's explicit control. Isolation mechanisms are critical in high-risk environments like web browsers.
P06Minimized Impact of Security BreachesLimit breach scope and duration through session invalidation, key rotation (countering "harvest now, decrypt later"), and post-compromise security (new data remains protected after a breach).

Controlled Exceptions

Principles have documented exceptions. Known examples:

  • P01 — Key Connector: Self-hosted SSO without passwords. The server holds encryption keys on behalf of the user.
  • P01 — Icons Service: Plaintext domain names are sent to retrieve favicons.

Full documentation: Security Principles

Security Vocabulary

Standard terminology for security discussions at Bitwarden.

TermDefinition
Vault DataA user's private information stored in Bitwarden (passwords, usernames, secure notes, credit cards, identities, attachments)
Protected DataData stored in unreadable format (typically encrypted) with expectations about secure key storage
Data at RestStored data not actively used or transmitted (disk storage on devices or servers)
Data in UseData actively being processed or accessed, held in volatile memory
Data in TransitData actively transferred between locations, processes, or devices
Secure ChannelA communication channel providing confidentiality (unreadable to unauthorized parties) and integrity (tamper-proof)
Trusted ChannelA secure channel that also provides authenticity (verified identities of communicating parties)
Data ExportingControlled process where data leaves Bitwarden unprotected, nullifying security guarantees. Requires informed consent.
Data SharingControlled data exchange within the Bitwarden secure environment (security guarantees maintained)
Data LeakingUnintentional departure of data from Bitwarden unprotected
Bitwarden Secure EnvironmentAny process or application adhering to Bitwarden's security standards

Full documentation: Security Definitions