Overview
On 13 June 2026, Anthropic published a public statement disclosing that the US government had issued a national security-based export control directive ordering the company to immediately suspend all access to Claude Fable 5 and Mythos 5 for any foreign national — whether located inside or outside the United States, including Anthropic’s own foreign national employees. The directive was received at 5:21pm ET and resulted in an abrupt global access cutoff for affected customers.
The stated basis for the directive was the government’s belief that a method of jailbreaking Fable 5 had been discovered, potentially enabling the model to surface software vulnerabilities in ways that could pose a national security risk.
Anthropiq strongly contested the characterisation. The company reviewed the government’s demonstration and concluded that the capability shown — essentially prompting the model to read a codebase and identify flaws — is not unique to Fable 5 and is already reproducible using multiple publicly available models, including OpenAI’s GPT-5.5. They further noted that the vulnerabilities identified were minor, previously known, and are routinely surfaced by defenders using off-the-shelf tooling.
Technical Analysis
The alleged jailbreak, as described by Anthropic, appears to centre on a prompt-based technique that instructs the model to treat a provided codebase as an analysis target and identify software flaws. This is a well-documented use case for code-capable LLMs and is not, in isolation, a novel attack vector.
The key security question is whether Fable 5 exhibited capability uplift — i.e., whether it could surface vulnerabilities that other models could not, at a level that would provide meaningful advantage to a sophisticated threat actor. Anthropic’s position is that no such uplift was demonstrated. The government has, according to the statement, provided only verbal evidence and a single shared report, with no formal written technical justification accompanying the directive.
The described technique maps most directly to adversarial prompting designed to bypass model safety constraints (jailbreak), combined with use of the model’s inference API for offensive vulnerability research purposes.
Framework Mapping
- AML.T0054 – LLM Jailbreak: The core allegation involves bypassing Fable 5’s safety constraints via a specific prompting technique.
- AML.T0015 – Evade ML Model: The technique is framed as circumventing the model’s intended restrictions on sensitive output.
- AML.T0040 – ML Model Inference API Access: The attack surface is the model’s API, used to extract vulnerability intelligence.
- LLM01 – Prompt Injection / LLM06 – Sensitive Information Disclosure: The alleged output (software vulnerability details) constitutes sensitive disclosure enabled through prompt manipulation.
Impact Assessment
The immediate operational impact is significant: all Anthropic customers relying on Fable 5 or Mythos 5 have lost access with minimal notice. Foreign national Anthropic employees are also locked out, creating internal operational disruption.
The broader precedent is arguably more consequential. This appears to be one of the first instances of the US government invoking export control authority to unilaterally suspend a commercial AI model’s availability on national security grounds — without providing written technical justification to the affected company.
Mitigation & Recommendations
- Identify dependencies: Organisations using Fable 5 or Mythos 5 should immediately audit pipelines and workflows and activate fallback model configurations.
- Engage legal counsel: Companies with foreign national employees or international customer bases should seek guidance on evolving AI export control obligations.
- Assess jailbreak exposure: Security teams should review their own LLM deployments for prompt-based vulnerability discovery risks and implement input/output filtering accordingly.
- Monitor regulatory trajectory: This directive signals a hardening regulatory posture toward frontier models; compliance teams should treat AI model access as a potential export-controlled asset.