The ambitious launch of Claude Fable 5 began with great optimism and ended in regulatory uncertainty. On June 9, 2026, Anthropic released the much-awaited Claude Fable 5, a Mythos-class model positioned as the most capable publicly available AI by the company to date. The model was rolled out simultaneously across the Claude API, AWS Bedrock, Google Cloud, Microsoft Foundry, and Claude itself. Priced at $10 per million input tokens and $50 per million output tokens-over 50% cheaper than Mythos Preview-it was expected to broaden enterprise adoption.
The enthusiasm soon faded, however. Just three days later, the model went offline following the U.S. Commerce Department order. Mythos 5 returned for select trusted partners by June 26, but Fable 5’s full public restoration remained unresolved at that point.
What Fable 5 Is Capable Of
Fable 5 launched with strong benchmark results across coding, knowledge work, and long-context tasks, positioned as the public-facing version of Anthropic’s Mythos technology. Sensitive queries involving cybersecurity, biology and chemistry, or model distillation are automatically redirected through a dedicated safety-routing system to the less capable Opus 4.8; Anthropic said fewer than 5% of sessions are rerouted.
Before the shutdown its less-restricted sibling, Mythos 5, was accessible to roughly 200 organizations through Project Glasswing, including Apple, Google, Cisco, Nvidia, Microsoft, and JPMorgan Chase. Anthropic also said Mythos 5 helped in accelerating internal drug-design and genomics research, though those specific figures rest on the company’s own claims rather than independent verification.
Reasons Why the Government Is Restricting It
The Commerce Department’s directive was based on national security authorities and concerns that foreign users could circumvent Fable 5’s safety guardrails through a jailbreak-a way of bypassing AI safety restrictions. The order specifically prohibited access “by any foreign national, whether inside or outside the United States,” creating a broad mandate covering Anthropic’s worldwide user base, including its own expatriate employees. With no reliable real-time verification mechanism to determine citizenship across hundreds of millions of users, a global shutdown of both models was the only viable option on short notice.
Notably, Anthropic’s own technical report addressed jailbreak resistance directly well before the restrictions. The company reported zero universal jailbreaks from an external bug bounty conducted over more than 1,000 hours of testing and said independent red-teaming organizations also failed to find a universal jailbreak on long-form agentic tasks-with one notable exception: Anthropic disclosed that the UK’s AI Security Institute had made progress toward one during a brief initial testing period. That detail, voluntarily disclosed in Anthropic’s system card, is plausibly the strongest technical link between the company’s safety claims and the government’s eventual concern.
Anthropic itself has said the government’s evidence was verbal and centered on a specific, non-universal jailbreak, essentially instructing the model to read a codebase and repair software flaws. Separately, and on more limited sourcing that should be treated cautiously, reporting indicates the matter was first raised through a passing reference during a call between Andy Jassy and Trump administration officials.
Anthropic’s counterargument was emphatic: the company said the government had not identified any jailbreak that led to demonstrable harm and that the techniques described were reproducible using other publicly available models, including OpenAI’s GPT-5.5 – a comparison Anthropic itself drew, not one independently confirmed. It noted that absolute jailbreak resistance is not technically feasible with today’s models and that applying this standard industry-wide would effectively halt new frontier model deployments. Anthropic said it agrees governments should have authority to prevent unsafe deployments-but only through a transparent, statutory process grounded in technical evidence, rather than an ad hoc directive.
Process to Enable Restored Access
Despite that pushback, what followed was an intense, largely private negotiation rather than a public regulatory process. Senior Anthropic executives, including co-founder Tom Brown, who led the negotiations, met directly with Commerce Secretary Howard Lutnick and other officials over the following two weeks. Officials signaled that restrictions would lift once security concerns were addressed.
On June 26, exactly two weeks after the initial shutdown, the government cleared Mythos 5 for restored access – but only for more than 100 pre-approved government and private institutions. Fable 5’s broader public restoration remained pending at that point, with the timeline for its release still unclear, according to people close to the talks.
The Export Certificate Issue
Stepping back, part of the broader regulatory backdrop to this standoff is a compliance mechanism most enterprise buyers rarely think about: the export license review process for advanced AI systems. Earlier in 2026, the Bureau of Industry and Security had already eased its export licensing framework for certain AI chips, shifting from a “presumption of denial” toward “case-by-case review,” and requiring exporters to certify a defined set of technical, business, and end-user information – including identification of remote end users in specified countries of concern – before exports could move forward.
The Fable 5 and Mythos 5 suspension extended that same case-by-case, certify-your-user logic to a different kind of export: an already-deployed AI model rather than a hardware shipment. Because Anthropic lacked a mechanism to verify user nationality in real time, it could not satisfy the equivalent of an export certificate on a per-user basis – forcing the blanket shutdown rather than a narrower, compliant restriction.
Bloomberg has reported that Anthropic is now working directly with the government on a policy framework to handle similar situations in the future – in effect, a certification or access-tiering system for SaaS-delivered AI products, for which no such infrastructure currently exists. What that framework will ultimately look like, and whether it becomes a durable template for future frontier-model releases, remains unclear.
Subsequent Developments
Returning to how this standoff actually resolved: the restrictions ultimately proved temporary. Commerce Secretary Howard Lutnick sent a letter to Anthropic co-founder Tom Brown on June 26 – two weeks after the initial shutdown – confirming that “appropriate safeguards” had been implemented, allowing certain “trusted partners” to access Mythos 5, clearing the model for more than 100 pre-approved companies and government agencies.
Fable 5 remained under restriction at that point, with people close to the talks telling reporters its release was being actively pursued. On June 30, Lutnick sent a second letter to Brown confirming that restrictions on both Fable 5 and Mythos 5 had been fully lifted, citing Anthropic’s implementation of a new safeguard to detect and prevent the cybersecurity workaround that had originally prompted the order – a fix Anthropic said was independently tested by the Commerce Department’s Center for AI Standards and Innovation. Anthropic said Fable 5 would initially run at up to 50% of normal weekly usage limits through July 7 “during an initial monitoring period,” before returning to standard capacity.
The Washington Post and Wired reported that the administration’s decision was partially shaped by the discovery that SK Telecom-South Korea’s largest wireless carrier and a $100 million investor in Anthropic-had gained access to Mythos 5 through Project Glasswing, amid concerns about the China ties of its parent company, SK Group. Anthropic promptly revoked SK Telecom’s access before the June 12 directive. SK Telecom has denied any China ties, calling the claims unverified.
That episode appears to have been one of two factors behind the eventual shutdown.
The second, reported separately by Fortune and Reuters, involved Amazon researchers identifying a way to bypass Fable 5’s safeguards – reportedly by asking the model to “fix” rather than merely review a codebase – which Amazon CEO Andy Jassy raised directly with administration officials. That finding, layered on top of the SK Telecom concerns, is what reportedly led the Commerce Department to issue the broader June 12 directive barring all foreign nationals from accessing both models – a restriction Anthropic said it could not comply with selectively, since it had no reliable way to screen users by nationality in real time.
Latest Developments
Just before publishing this piece, new developments confirmed the situation has fully resolved.
The Department of Commerce withdrew its June 12 export-control directive on June 30. Fable 5 relaunched globally on July 1 across the Claude Platform, Claude.ai, and Claude Code. Mythos 5 remains gated – reactivated June 26 for roughly 100 pre-screened U.S. companies and federal agencies in critical infrastructure defense.
Trigger: Amazon researchers flagged a jailbreak that got Fable 5 to identify software vulnerabilities and, in one case, generate proof-of-concept exploit code – not a systemic capability breach.
Condition of reinstatement: Anthropic committed to giving government partners early, pre-release access to frontier models and to promptly report significant jailbreaks going forward.
What should you do now
Maximize the free window: Pro, Max, Team, and select Enterprise plans fold Fable 5 into up to 50% of weekly usage limits through July 7. After that, it moves to pay-per-use credits – complete your evals before the window closes.
Resolve data retention first: Fable 5 mandates a 30-day data retention period for safety monitoring and excludes zero-data-retention arrangements – confirm this clears legal/compliance before rollout.
Budget the premium: $10 / $50 per million input/output tokens (2x Opus 4.8), with a 90% markdown on cached input. Safety-classifier reroutes to Opus 4.8 affect under 5% of sessions and charge at Opus pricing, not Fable’s.
Features Worth Flagging
US-only inference: configuring inference_geo to “us” carries a 1.1x multiplier across all token categories – a concrete mechanism for data-residency-sensitive workloads. It ensures that processing remains on American servers at a 10% pricing premium.
Flat-rate full context: Fable 5 delivers the full 1M-token context window at flat standard rates. A 900K-token request prices identically, per token, to a 9K-token one – no long-context surcharge.
Safety tradeoff is explicit: The new classifier addresses the specific jailbreak technique and prevents it in over 99% of cases with the accepted tradeoff. Consequently, some legitimate coding and debugging tasks may occasionally be redirected to Opus 4.8, a less capable model. Additionally, high-risk requests involving advanced microbiology or offensive cyber capabilities remain strictly blocked from the Fable architecture.
