Author｜ Hualin Dance King

Editor｜ Jingyu

On June 9, Anthropic released Claude Fable 5. This is the strongest model it has ever made available to the public and belongs to the "Mythos" level that was previously only open to a few trusted security research institutions.

On June 12, Fable 5 was completely taken offline.

Four days. From launch to removal, it only took four days.

What happened in between? Simply put, it was a series of collisions—users felt it was too restrictive, security researchers thought it impeded real work, one company claimed to have cracked its defenses, and the government deemed it a security threat. Anthropic created a product it believed was "sufficiently safe," but almost no one was satisfied.

This is not a story about a single company. It is a rehearsal for the governance challenges the entire AI industry is about to face.

01 A Disparaged "Safety Paradigm"

To understand why Fable 5 provoked such controversy, one must first understand what it actually was.

In April of this year, Anthropic announced Mythos—a model powerful enough to cause anxiety within the company itself. In internal testing, Mythos-level models found over 23,000 critical vulnerabilities in mainstream code repositories. Anthropic did not publicly release Mythos but allowed only a few trusted security institutions to use it through a project called "Project Glasswing." Mozilla was one of these institutions and reportedly used it to fix hundreds of vulnerabilities.

Fable 5 is the "public version" of Mythos. The same underlying model, but encased in stricter safety barriers—queries involving cybersecurity, biology, and chemistry would be automatically intercepted or downgraded. Anthropic also required that all user data be retained for at least 30 days to monitor jailbreak and abuse behavior.

Anthropic's logic was clear: the model was too powerful to be left unchecked.

But users saw it differently.

After Fable 5 went live, complaints flooded in. Cybersecurity researchers found that even letting the model read a security blog could trigger an interception. A security researcher from IBM X-Force said many requests denied by Fable only "touched the surface" of cybersecurity.

Sayash Kapoor, an AI researcher at Princeton University, made a blunt remark to the media—"This is the first time an AI company launched safety barriers and then received unanimous disdain."

What further infuriated users was a detail hidden in the 319-page system card of Fable 5: when the model detected that a user was engaged in cutting-edge AI development work—such as training pipelines or chip design—it would secretly degrade the quality of responses but wouldn't let you know. You asked a question and got what seemed to be a normal answer, but that answer was deliberately "watered down."

Critics referred to this as "secret sabotage."

Anthropic apologized within less than 48 hours. "We made the wrong trade-offs, we're sorry." The company announced it would change all implicit restrictions to visible downgrade notifications—if your request was intercepted, the model would clearly inform you and refer your query to the old model Opus 4.8 for processing.

But the story didn't end there.

02 A Letter That Pulled the Plug

If it were just user dissatisfaction, Anthropic could still alleviate it by adjusting the barriers. But what happened next was beyond the control of any company.

On the afternoon of June 12, a letter from the U.S. Department of Commerce arrived at Anthropic CEO Dario Amodei's office. The content of the letter was simple: citing export control, it demanded the suspension of all foreign citizens' access to Fable 5 and Mythos 5.

Reports indicated that the trigger for this letter was another company claiming to have successfully jailbroken the Mythos model.

Anthropic could not differentiate user nationality in real-time at the system level. The result was that to comply, the company had to shut down Fable 5 and Mythos 5 for all users globally. Other models were not affected.

This may be the first time in AI industry history that a publicly deployed leading model was entirely taken offline due to external instructions.

Anthropic's response was firm. The company stated it had only received a "narrow, non-general" jailbreak report—essentially allowing the model to read a specific code repository and fix vulnerabilities within it, a capability that can also be achieved using other public models, including OpenAI's GPT-5.5.

"If this standard applies to the entire industry, we believe it would essentially halt the deployment of all leading models."

This statement carries significant weight. Anthropic was not saying "our model is fine," but asserting: according to this logic, no single company’s strongest model could survive a jailbreak report.

03 Regulation Called Upon, Rebounded Back

The most ironic part of this incident is that Anthropic is perhaps the most actively advocating for regulation in the entire industry.

Just one day after the release of Fable 5, Dario Amodei published a long piece titled "Policy on the AI Exponential." In it, he explicitly stated that the government should have authority similar to that of the Federal Aviation Administration (FAA)—to mandate third-party testing of leading models and to have the right to block the release of models deemed unsafe.

He argued that the pace of AI development is exponential, while policy-making is linear. He employed the metaphor of tree people from Tolkien's works—wise but sluggish in action; by the time they react, the forest has already burned down.

Anthropic even promised substantial funding support for relevant legislation.

Then, the very regulatory authority he called for was used against him three days later.

And the manner of use was precisely what Amodei opposed in his article—there was no transparent process, no independent technical assessment, no space for the company to argue its case, and the letter did not even provide specific security concern details. There was only one conclusion: shutdown.

In an official statement, Anthropic made a thought-provoking remark: "We believe the government should have the ability to prevent unsafe deployments, but it should be done through a transparent, fair, fact-based statutory process. This action does not conform to these principles."

This is a very precise stance: I agree you have this power, but you cannot use it this way.

04 When Models Become "Infrastructure-Level Risks"

Shifting the focus away from Anthropic to see a larger picture.

The Fable 5 incident exposed a structural contradiction: AI models have become so powerful that all stakeholders feel uncomfortable, yet no one knows how to govern them.

For users, Fable 5's safety barriers were too tight. A security researcher could not use it for security research—it’s like giving a surgeon a scalpel that cannot touch blood.

For enterprise clients, the 30-day data retention was a major issue. Microsoft has already restricted its employees from using Fable 5, fearing that corporate secrets would be retained on Anthropic's servers. Microsoft even began revoking developers’ Claude Code licenses, shifting to its own GitHub Copilot.

For the government, a model capable of finding 23,000 vulnerabilities poses unimaginable consequences if its barriers are breached. Even a narrow jailbreak would be enough to cause anxiety.

For Anthropic itself, it faces an almost impossible balancing act: if it makes the model too weak, it loses competitiveness; if it makes it too strong, the model becomes a hot potato; if security measures are too lax, it gets accused of irresponsibility; if security measures are too tight, users turn to competitors.

This is not just Anthropic's dilemma. Any company that releases sufficiently powerful models will encounter the same issues.

Dario Amodei made a judgment in his policy article: the enhancement of AI model capabilities is not linear, but exponential. If this judgment is correct, then every contradiction faced by Fable 5 today will only be magnified in the next generation of models.

Safety barriers will become increasingly difficult to design. Jailbreak offensives and defenses will become more intense. Enterprise clients' resistance to data retention will grow stronger. And government interventions—whether or not there is a transparent process—will only come faster.

05 A Game No One is Prepared For

Returning to the initial question. Fable 5's four-day journey, on the surface, is about a product's launch and takedown, but essentially it is a stress test—not on the model's capabilities, but on the industry's governance framework.

The test results are clear: no one is prepared.

AI companies are not prepared. Anthropic is one of the companies in the industry that values safety most; it spent thousands of hours on red team testing, designed multi-layered defense systems, proactively requested data retention, and even publicly called for government regulation. Yet none of this prevented it from experiencing the entire process from launch to takedown within four days.

Users are not prepared. When the model truly began to "refuse" certain requests, even if the reason is safety, the response was one of anger and disdain.

Governments are not prepared either. A letter lacking detailed technical explanations and a judgment based on a single jailbreak report can cause millions of users to lose access to a model.

Amodei called for a finely-tuned governance machine—independent assessments, transparent processes, and appeal mechanisms. What he received was a letter delivered at five twenty-one in the afternoon.

This perhaps represents the current state of AI governance: everyone knows rules are needed, but no one has time to write them down. And the models will not wait.