Itinai.com lat lay of a medium sized ai business toolkit on a 9b398cfa c8ca 4b2e 9fc2 dc209a9686b9 0

Claude Fable 5 с кибер‑классификатором после снятия контроля

Itinai.com lat lay of a medium sized ai business toolkit on a 9b398cfa c8ca 4b2e 9fc2 dc209a9686b9 0

Quick facts

  • Model: Claude Fable 5 (Mythos‑class model made safe for general use)
  • Event: Redeployed 1 July 2026 after export controls were lifted
  • Reason for pause: Amazon report on a safeguard bypass
  • Fix: New safety classifier that blocks the reported technique
  • Pricing: $10 / M input tokens, $50 / M output tokens
  • Where: Claude Platform, Claude.ai, Claude Code, Claude Cowork

What happened: the timeline

Anthropic launched Fable 5 and Mythos 5 on 9 June 2026. Both share the same underlying model; Fable 5 ships with strong safeguards for general use, Mythos 5 with some safeguards lifted for trusted cybersecurity partners.

On 12 June 2026 the US government applied export controls, forcing Anthropic to suspend access worldwide.

The trigger was a report from Amazon researchers who discovered a method to coax Fable 5 into listing software vulnerabilities and, in one case, generating exploit code.

By 26 June, the government approved restoring Mythos 5 for a limited set of US organisations. Full controls were lifted on 30 June, and Fable 5 returned on 1 July.

Why Anthropic says the finding was not unique

Testing showed the same vulnerability‑listing behaviour in less capable models such as Claude Opus 4.8, GPT‑5.5 and Kimi K2.7. The single exploit demonstration reproduced by Haiku 4.5, Sonnet 4.6, Opus 4.6‑4.8, GPT‑5.4‑5.5 and Kimi K2.7 indicates the technique does not expose unique “Mythos‑level” cyber capabilities. Anthropic classifies it as routine defensive cybersecurity work, not a breakthrough.

How the new classifier works

Anthropic trained an improved safety classifier that blocks the specific bypass in over 99 % of cases. When the classifier fires, the request is not rejected outright – it is transparently routed to Claude Opus 4.8 and the user receives a notification.

Independent testing by the Department of Commerce’s CAISI confirms the safeguards are “extraordinarily strong,” though the larger safety margin does increase false‑positives during ordinary coding and debugging tasks.

The proposed jailbreak severity framework

Anthropic, together with Amazon, Microsoft, Google and other partners, drafts a scoring system for AI jailbreaks based on four criteria:

  1. Capability gain – how far beyond existing tools the jailbreak takes the user.
  2. Breadth of capability gain – how many distinct offensive tasks the technique unlocks.
  3. Ease of weaponization – how much human effort is required to turn the jailbreak into a real attack.
  4. Discoverability – how easily the technique can be found.

For the most severe class, Anthropic will deploy preliminary mitigations immediately and maintain 24 × 7 monitoring of jailbreak submission channels.

Use cases with examples

  • Codebase migrations: Stripe reported migrating a 50‑million‑line Ruby codebase in one day using Fable 5.
  • Financial analysis: On Hebbia’s Finance Benchmark, Fable 5 achieved the highest scores for chart, table and document reasoning.
  • Vision‑to‑code: Fable 5 can reconstruct a web app’s source code from screenshots alone.
  • Long‑running agents: File‑based memory lets it stay focused across millions of tokens.

How Fable 5 compares

The pause opened a window for rivals. Zhipu AI released GLM‑5.2 as open weights, which independent testers rank as the strongest openly available model.

Model Developer Access Context Price (in/out per 1 M) Benchmark Cyber safeguards
Claude Fable 5 Anthropic General (Platform, .ai, Code, Cowork) Long‑context $10 / $50 AA‑Briefcase 1587 Elo Strongest applied; falls back to Opus 4.8
Claude Mythos 5 Anthropic Trusted US organisations Long‑context $10 / $50 Same base model Safeguards lifted
Claude Opus 4.8 Anthropic General Long‑context ~$5 / $25 SWE‑bench Pro 69.2 Standard
GLM‑5.2 Zhipu AI Open weights (MIT) 1 M tokens ~$1.40 / $4.40 SWE‑bench Pro 62.1 None (open weight)
GPT‑5.5 OpenAI General Long‑context ~$5 / $30 SWE‑bench Pro 58.6 Standard

GLM‑5.2 uses a Mixture‑of‑Experts design (≈750 B total parameters, ~40 B active per token). On Semgrep’s IDOR benchmark it scored 39 % F1, beating Claude Code’s 32 %.

Cost‑wise, Fable 5 averaged $31 per AA‑Briefcase task, while GLM‑5.2 averaged $2.40.

Access and a quick API example

Fable 5 is included in Pro, Max, Team and selected Enterprise plans through 7 July 2026, covering up to 50 % of weekly usage limits. After that, usage draws from standard credits. The model is also re‑enabled on AWS, Google Cloud and Microsoft Foundry.

Developers call the model with the claude-fable-5 identifier:

from anthropic import Anthropic

client = Anthrop ic()  # reads ANTHROPIC_API_KEY from the environment

message = client.messages.create(
    model="claude-fable-5",
    max_tokens=1024,
    messages=[{"role": "user", "content": "Refactor this module for readability."}]
)

print(message.content)

If the safety classifier triggers, the response comes from Opus 4.8; the API contract remains unchanged.

Key takeaways

  • Fable 5 returned on 1 July 2026 after export controls were lifted.
  • A new classifier blocks the reported bypass in > 99 % of cases.
  • Blocked requests are transparently rerouted to Opus 4.8, not rejected.
  • Anthropic proposes a four‑criteria framework for scoring jailbreaks.
  • During the pause, GLM‑5.2 emerged as a cheaper open‑weight competitor.

Запустите свой ИИ проект бесплатно

ИИ-агенты искусственный интеллект онлайн для бизнеса

Лучший ИИ онлайн