‹ ARCHIVE NB-L036 · .log · 2026·06

They pulled an AI in hours for fixing code. The real risk is depending on just one.


On June 9, Anthropic released Fable 5 and called it the most capable AI model it had ever made available to the public. Three days later, on the evening of June 12, it switched it off. Not because of an outage: the US government sent a letter, and within hours Fable 5 and its larger sibling, Mythos 5, stopped working for everyone, everywhere. The stated reason was that someone had asked the model to read code and fix flaws.

People will argue for weeks about whether the government was right, and that is the noisy part. The part that lasts, for anyone who builds on or depends on AI, is different: a capability defenders use every single day was treated as a weapon, and a service millions relied on vanished between dinner and midnight. The honest read has no heroes. We only have Anthropic's account, the government has said nothing in public, and Anthropic itself had already asked authorities for exactly this kind of power. The lesson is not to root for a side; it is to stop treating a single hosted model as if it were a fixed part of the house.

Almost everything we know comes from the company's statement. The export-control directive (the rules that limit sensitive technology from leaving a country) bars any foreign national from accessing Fable 5 and Mythos 5, whether inside or outside the US, including Anthropic's own foreign-national staff. Because there is no way to separate foreign nationals from US persons in real time across a user base in the hundreds of millions, the company chose to cut access for all of them. Anthropic's other models, Opus, Sonnet, and Haiku, are still running normally.

The justification was a jailbreak (the technique that gets a model to do what it is supposed to refuse). According to Anthropic, the demonstration behind the order amounted to asking the model to read a particular codebase and point out the errors, and the flaws it found were few, already known, and low severity. The company says other models available to anyone, including OpenAI's GPT-5.5, do the same with no trick at all. It is complying with the order but disagrees with it: "We disagree that the finding of a narrow potential jailbreak should be cause for recalling a commercial model deployed to hundreds of millions of people." It called the whole thing a likely misunderstanding.

It is worth not swallowing this version whole. Anthropic is an interested party, the government published neither the letter nor the technical basis, and there is an irony worth noting: just days earlier, security researchers were complaining about the opposite, that Fable 5 was so locked down it refused any request even loosely tied to cybersecurity. The same model was accused of blocking too much and then withdrawn for, supposedly, unblocking too little.

Asking an AI to fix code is not a weapon

Looking for flaws in code and proposing fixes is the most ordinary job in security. It is what the tools that comb through programs before every release do, and it is what any engineer does when running a check before putting a service live. It is a dual-use capability (it serves attack and defense alike), like almost everything in this field. We do not ban nmap or Wireshark, tools that serve the attacker and the network's defender with equal ease, because we worked out something simple long ago: you do not strengthen defense by banning the tools defense lives on. Treating "ask the model to fix your code" as munitions is a category error. The capability is not the problem. The precedent is: switching it off with a letter and without showing the evidence.

For the people who build, what to do with this

The legal fight will drag on, but the operational lesson does not need to wait for a verdict:

  • Do not let a single hosted model become a hard dependency. Keep alternatives ready and a fallback plan for the day one of them disappears, whether through an outage, a billing event, or a government letter.
  • Know where AI lives in your system. You cannot manage what you cannot see: map which services and products depend on which models.
  • Prefer guardrails and monitoring over kill switches. Instead of the kill switch (the one button that turns everything off at once), constrain what each component can do, watch its behavior, and intervene narrowly.
  • Demand transparency in both directions. Whoever finds a flaw shows it to whoever can fix it, with evidence and a deadline. That holds for an independent researcher and it holds for a government.
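
The first two points above can be made concrete in a few lines. This is an added example, not code from the original article or from Snyk: an ordered fallback route per service plus two inventory queries. Every service, vendor and model name in it is a constructed placeholder, and the two backend functions stand in for real API clients.

```python
from dataclasses import dataclass, field

class ModelUnavailable(Exception):
    """A backend raises this when its hosted model is down or withdrawn."""

@dataclass
class Route:
    service: str
    backends: list                      # ordered (model_id, callable) pairs
    audit: list = field(default_factory=list)

    def call(self, prompt):
        """Try each backend in order and record which model actually answered."""
        for model_id, fn in self.backends:
            try:
                reply = fn(prompt)
            except ModelUnavailable as exc:
                self.audit.append((model_id, f"unavailable: {exc}"))
                continue
            self.audit.append((model_id, "ok"))
            return model_id, reply
        raise ModelUnavailable(f"{self.service}: no backend left")

def provider(model_id):
    """Assumed naming scheme: 'vendor/model'."""
    return model_id.split("/", 1)[0]

def dependents(routes, model_id):
    """Inventory query: which services would notice if this model vanished?"""
    return sorted(r.service for r in routes
                  if any(m == model_id for m, _ in r.backends))

def hard_dependencies(routes):
    """Services whose every backend sits with one provider (no real fallback)."""
    return sorted(r.service for r in routes
                  if len({provider(m) for m, _ in r.backends}) < 2)

# Constructed stand-ins for real API clients.
def withdrawn(prompt):
    raise ModelUnavailable("access suspended")

def healthy(prompt):
    return f"reviewed: {prompt}"

ROUTES = [  # constructed sample inventory
    Route("code-review", [("vendor-a/large", withdrawn), ("vendor-b/medium", healthy)]),
    Route("support-chat", [("vendor-a/large", withdrawn), ("vendor-a/small", healthy)]),
    Route("log-triage", [("vendor-b/medium", healthy)]),
]
```

A fallback to a second model from the same vendor still counts as a hard dependency here, because an order aimed at the provider can remove both at once.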

More is left unexplained than explained. We do not know how long the suspension will last, the detailed legal basis, or the evidence that prompted the order. The picture no one will erase is this: a global product, available to everyone, vanished in a couple of hours by the decision of someone who did not build it. Whoever wins the argument in court, availability you do not control is a risk that is yours, and you build with that in mind.

Original source: Snyk.

#StaySafe
🙏🖖
