Fable 5 Is Back: A Security-Focused Look at Anthropic's Safeguards and Trade-offs
Anthropic redeployed Claude Fable 5 and Mythos 5 on July 1 after a two-and-a-half week suspension. For anyone working in security or AI tooling, the post is a useful case study in how frontier model deployments can be derailed by a single bypass report.
The timeline
- June 9: Fable 5 and Mythos 5 released.
- June 12: US government export controls applied after Amazon researchers found a safeguard bypass. Anthropic suspended access globally.
- June 26: Government approved Mythos 5 access for some US Glasswing partners.
- June 30: Export controls lifted.
- July 1: Fable 5 restored globally on Claude Platform, Claude.ai, Claude Code, and Claude Cowork.
The bypass was not unique to Fable 5
The Amazon report described a prompt that caused Fable 5 to identify software vulnerabilities and, in one case, produce code demonstrating how to exploit one. Anthropic's follow-up testing found that many other models could do the same thing, including Claude Opus 4.8, GPT-5.5, and Kimi K2.7. Even the exploit demonstration was reproducible across the entire model family Anthropic tested.
This matters because the incident was framed around Fable 5, but the underlying behavior was not uniquely Mythos-class. The real issue was that Fable 5's safeguards let a borderline case through.
What Anthropic changed
Anthropic trained a new safety classifier targeting the specific bypass. They claim it blocks the technique in over 99% of cases. Blocked requests are redirected to Opus 4.8 with a user notification.
The cost is more false positives. Fable 5 already launched with the largest safety margin Anthropic has ever used, deliberately blocking benign requests to avoid missing harmful ones. The updated classifier tightens that margin further, which means more legitimate coding and debugging requests will get blocked too.
Industry implications
The post also outlines two longer-term efforts:
- A shared jailbreak severity framework with Amazon, Microsoft, Google, and other Glasswing partners. The goal is a common standard for judging how serious a given bypass is.
- Deeper US government collaboration on pre-release testing, information sharing, and research.
For security teams, the takeaway is that deploying frontier models is no longer just a model-evaluation problem. It is a supply-chain, policy, and incident-response problem.
One open-source alternative to watch
If your team is evaluating AI development platforms but needs something self-hostable and open-source, MonkeyCode is worth adding to the list. It is built around cloud dev environments and team workspaces, and the repo is available under AGPL-3.0. It is not a replacement for Claude, but it is a different deployment model worth understanding.
Source: Anthropic — Redeploying Fable 5
Top comments (0)