Claude Fable 5 Returns With Tighter Safety Controls After 19-Day U.S. Export Ban
Claude Fable 5 is now available worldwide again as of July 1, following a 19-day suspension triggered by a government national security concern over a jailbreak vulnerability. The U.S. Department of Commerce lifted export controls on June 30, allowing Anthropic to restore access across Claude.ai, the Claude Platform, Claude Code, and Claude Cowork, with cloud deployments on AWS, Google Cloud, and Microsoft Foundry expected to follow shortly.
What Triggered the Shutdown and Why It Matters?
The suspension began on June 12 when researchers at Amazon discovered a method to bypass Fable 5's safety classifiers by framing requests as code reviews. This technique prompted the model to identify software vulnerabilities and, in some cases, generate code demonstrating how to exploit them. The government treated this as a national security risk serious enough to invoke export controls within hours.
Anthropic disputed the severity of the finding, arguing that the vulnerability identification was replicable by weaker models including Claude Opus 4.8, OpenAI's GPT-5.5, and Moonshot's Kimi K2.7. When it came to generating exploit code, every model Anthropic tested produced similar output, including Claude Haiku 4.5, Sonnet 4.6, and multiple Opus variants. The company concluded that the reported bypass did not expose any capability unique to its most powerful models.
The episode also reflected broader policy tensions. In early March, the Defense Department had designated Anthropic a "supply chain risk," and the White House's June 2 Executive Order on Promoting Advanced Artificial Intelligence Innovation and Security mandated a 30-day government pre-release review for frontier models. Anthropic had launched Fable 5 just seven days after that order without completing a government pre-brief, which may have accelerated the enforcement action.
How Did Anthropic Fix the Safety Problem?
To resolve the ban, Anthropic trained an improved safety classifier specifically targeting the jailbreak technique Amazon demonstrated. The company's safety architecture uses what it calls "defense in depth," with classifier-based safety layers that sit in front of the model and monitor every incoming query. When a request trips a classifier covering offensive cybersecurity, biology and chemistry, or model distillation, Fable 5 routes the request to Claude Opus 4.8 instead and notifies the user that a fallback occurred.
The new classifier blocks the specific reported jailbreak technique in more than 99% of cases, according to Anthropic's redeployment statement. Researchers from the Commerce Department's Center for AI Standards and Innovation independently tested both the original and updated classifiers and confirmed the new safeguards as strong.
What Are the Trade-Offs for Users and Developers?
The tighter safety controls come with a significant cost. Because the new classifier is more conservative than its predecessor, it will produce more false positives on routine coding and debugging requests that would previously have passed through without triggering a fallback. Anthropic says it will continue refining the system to reduce those false alarms over time, but developers should expect more friction when using the model for legitimate security work.
Access conditions have also changed. Starting July 1, Pro, Max, Team, and select Enterprise subscribers can use Fable 5 for up to 50% of their weekly usage limit through July 7. After that, Fable 5 transitions to a usage-credit model. Standard Enterprise seats have no included Fable 5 allowance, meaning all usage is billed through usage credits, and if credits are not enabled, Fable 5 will not function for those users.
Steps to Adapt to the New Fable 5 Safety Framework
- Review Your Usage Patterns: Check whether your typical coding and debugging requests triggered fallbacks during the pre-ban period, as the new classifier may be more aggressive on similar tasks.
- Plan for Credit-Based Billing: After July 7, ensure your organization has usage credits enabled if you want continued access to Fable 5, as the model will not function without them for most Enterprise tiers.
- Consider Fallback Workflows: Understand that security-adjacent requests may be routed to Claude Opus 4.8 instead, which may affect response latency and consistency in your applications.
- Monitor Anthropic's Refinement Updates: Stay informed about classifier improvements, as Anthropic has committed to reducing false positives over time as the system matures.
What Does This Mean for Anthropic's Competitive Position?
The 19-day suspension cost Anthropic significantly. Fable 5 had emerged quickly as a benchmark anchor in the developer community, particularly for autonomous coding tasks. It scored first on Datacurve's DeepSWE benchmark with a 70% PASS@1 rate, three points ahead of GPT-5.5. Its absence opened the field to competitors, and some developers turned to alternatives including GLM-5.2 and Kimi K2.7 while others waited.
Meanwhile, Anthropic has released Claude Sonnet 5, a mid-tier model positioned as a safer alternative that performs nearly on par with Opus 4.8 on many benchmarks while costing significantly less. Sonnet 5 is now the default model for Free and Pro users and is available to Max, Team, and Enterprise customers. Through August 31, Anthropic is charging an introductory rate of $2 per million input tokens and $10 per million output tokens, compared to $5 and $25 for Opus 4.8.
Sonnet 5 deliberately performs poorly on cybersecurity tasks. In a test developed in collaboration with Mozilla to write exploits for Firefox vulnerabilities, the model never succeeded in building a working exploit. Anthropic has enabled cybersecurity safeguards by default, the same ones used in Opus 4.7 and 4.8.
What Happens to Mythos 5 and Future Government Oversight?
Mythos 5, Fable 5's restricted sibling, has been partially restored for roughly 100 U.S. organizations operating and defending critical infrastructure, following a June 26 authorization from Commerce Secretary Howard Lutnick. Anthropic says it continues to work with the government to expand that access to additional domestic and international partners.
One of the lasting outcomes of the suspension may be a new shared standard for how the AI industry handles jailbreak disclosures, something that had not existed before this episode made its absence costly. Anthropic has announced a partnership with Amazon, Microsoft, Google, and other partners to draft a shared framework for assessing jailbreak severity.
The episode drew congressional attention and international concern. Members of Congress sent a formal letter to Commerce Secretary Lutnick demanding a legal explanation for the ban. Austria's government formally invited the European Commission to explore hosting Anthropic within EU jurisdiction to provide legal certainty for European users.