BREAKING: Fable and Mythos have been taken down for security concerns
A live 14-minute breakdown of the US government export control directive that forced Anthropic to pull Fable 5 and Mythos 5 offline for all non-US citizens — including Anthropic's own employees.
A narrow, non-universal jailbreak that other deployed models can also execute was treated as sufficient cause to remove a frontier AI from hundreds of millions of users worldwide, with no transparent statutory process — setting a precedent that, if normalized, would halt all new frontier model deployment.
Who This Is For
Read if. Skip if.
READ IF YOU ARE…
You build with Claude Code or Claude's API and need to understand what just changed and why.
You follow AI policy closely and want a technically literate read on Anthropic's public response.
You are a non-US developer or team member trying to understand who is affected and for how long.
You want to understand the difference between a universal and a non-universal jailbreak, and why Anthropic thinks the government got this wrong.
SKIP IF…
You want a neutral summary with no editorial stance — the host is firmly on Anthropic's side throughout.
You're looking for technical depth on the jailbreak itself — no technical details of the exploit are disclosed.
TL;DR
The full version, fast.
The US government issued an export control directive requiring Anthropic to immediately disable Fable 5 and Mythos 5 for all non-US citizens — including foreign national Anthropic employees — citing a demonstration of a narrow jailbreak that used the model to find software vulnerabilities. Anthropic complied but publicly disputed the decision, arguing the vulnerabilities discovered were minor and that other publicly available models, including GPT-5.5, can produce the same findings without any bypass. Anthropic's position is that perfect jailbreak resistance is impossible for any model and that their defense-in-depth strategy already makes risks comparable to deployed industry models. The shutdown, executed on a Friday evening with less than four hours' notice, sets a precedent that, if applied industry-wide, would halt all new frontier model deployment.
Free for members
Chat with this breakdown — free.
Sign in and you get 23 free chat messages on us — ask for the hook, quote a framework, find the exact transcript moment, generate a markdown action plan. Bring your own key when you want unlimited.
Opening hook — Fable just got banned by the US government, delivered with disbelief.
00:16 – 01:00
02 · The announcement
Reads the official Anthropic tweet verbatim: export control directive, foreign national restriction including Anthropic employees, all other models unaffected.
01:00 – 03:24
03 · Sponsor — CodeRabbit
CodeRabbit agent product: cross-codebase context, Slack integration, time-based billing. Personal frustration with current agent setup friction is the setup.
03:24 – 05:49
04 · Anthropic's full statement
Reads and annotates Anthropic's detailed public response: defense-in-depth strategy, 30-day prompt retention, jailbreak typology, red teaming history.
05:49 – 06:43
05 · The jailbreak technique
The government's method: ask the model to fix software flaws, reverse-engineer the vulnerabilities from the fixes. Not 'find exploits' — 'fix bugs.'
06:43 – 07:47
06 · The GPT-5.5 callout
Anthropic cites GPT-5.5 as capable of the same vulnerability discovery without a bypass. Theo worries this gets GPT-5.5 pulled next — 'the snitching is unreal.'
07:47 – 12:26
07 · Dario's policy essay
Extended read of Dario Amodei's 'Policy on the AI Exponential' — the irony that Anthropic's own policy advocacy for faster government action resulted in this rapid intervention against them.
12:26 – 13:17
08 · Live Fable test + community reaction
Theo checks if Fable still routes in Claude interface — it does, briefly. Shows 'Is Fable Down' community sites, live tracking every five minutes.
13:17 – 13:56
09 · Retaliatory motive theory
Theo floats that the shutdown may be retaliation for Anthropic publicly opposing federal pre-emption of state-level AI laws two days earlier.
13:56 – 14:20
10 · Wrap
Urgent sign-off — Theo rushes to publish before access is fully cut, apologizes to non-US friends, calls it 'a disaster.'
Atomic Insights
Lines worth screenshotting.
The government's jailbreak technique didn't ask the model to find hacks — it asked the model to fix software flaws, then reverse-engineered the vulnerabilities from the remediation output.
Anthropic confirmed the specific technique used by the government is reproducible by other publicly available models, including GPT-5.5 — and published that finding in their public statement.
Perfect jailbreak resistance is not possible for any model provider today; every safeguard in the industry is vulnerable to narrow non-universal jailbreaks.
The export control applies to non-US citizens whether inside or outside the US — meaning foreign national Anthropic employees cannot use their own company's flagship model.
Anthropic's 30-day prompt retention requirement — which cost them customers when announced — was specifically implemented to enable research and rapid mitigation of jailbreaks.
If the government's standard were applied across the industry, Anthropic says it would effectively halt all new frontier model deployment for all providers.
This shutdown happened on a Friday evening at 6PM Pacific — less than four hours after Anthropic received the government directive.
Dario's public essay advocating for faster AI policy was published just before this intervention — the policy apparatus Anthropic helped build moved faster than they anticipated, and against them.
Community tracking sites for Fable's uptime appeared within hours of the announcement, reflecting how embedded the model had become despite only three days of public availability.
Anthropic's posture was to publicly disagree while complying — calling the decision a misunderstanding and committing to restore access as soon as possible.
Takeaway
What a commercial model ban actually means for builders.
THE PRECEDENT
This is the first time a US government export control has pulled a commercial frontier AI mid-deployment — and the reasoning used sets a standard that no deployed model currently meets.
A narrow jailbreak that other publicly deployed models can replicate without any bypass was treated as sufficient grounds to remove a product from hundreds of millions of users with no advance notice or transparent process.
Anthropic's defense-in-depth approach — layered safeguards, 30-day prompt retention, active monitoring — represents the current industry ceiling for jailbreak resistance; if that ceiling triggers commercial recall, every frontier model is exposed to the same intervention.
The government's technique exploited the model's helpfulness, not its weakness: asking it to fix software flaws, then extracting the vulnerability from the remediation output — a reminder that attack surface scales with capability, not just intent.
Anthropic's 30-day prompt retention requirement, which cost them real customers when it was announced, was specifically designed to support forensics and jailbreak mitigation — the first moment that architectural decision paid off publicly.
For any team running production workloads on a single frontier model API, this event is the clearest possible argument for provider-agnostic infrastructure — the risk of a 4-hour shutdown with no warning is now demonstrated, not theoretical.
Glossary
Terms worth knowing.
Export control directive
A legal order issued under US national security authority that restricts who can access a technology or product, typically applied to prevent adversarial foreign access to sensitive capabilities.
Universal jailbreak
A jailbreak method that broadly bypasses a model's safeguards across a wide range of capabilities, not just in specific narrow circumstances. Anthropic states no universal jailbreak for Fable 5 has been found.
Non-universal jailbreak
A bypass that elicits specific outputs only in specific circumstances, not broadly. The government's demonstration was this type — Anthropic argues every deployed model in the industry has this class of vulnerability.
Defense-in-depth strategy
A layered security approach where no single control is relied upon. For Anthropic this means combining model-level safeguards, prompt monitoring, 30-day retention for forensics, and rapid mitigation cycles.
Red teaming
Structured adversarial testing where security researchers try to break a system's defenses. Anthropic conducted thousands of hours of red teaming with the UK AISI and private organizations before Fable's launch.
“The model wasn't trained to be safe, the model was trained to be really smart, happens to be so smart it can do some hacking.”
Sharp, clear reframe of the capability vs. safety distinction — no setup needed→ TikTok hook↗ Tweet quote
07:15
“The snitching is unreal.”
Comedic peak — lands hard after the GPT-5.5 callout context→ IG reel cold open↗ Tweet quote
13:17
“This might be retaliatory.”
High-stakes editorial claim, delivered calmly — pairs well with policy news context→ newsletter pull-quote↗ Tweet quote
The Script
Word for word.
Read-along
Don't just watch it. Burn it in.
See every word as it's spoken — crank it to 2× and still catch all of it. The same dual-channel trick behind Amazon's Kindle + Audible.
17px
metaphoranalogy
00:00Some things are just too good to be true. And apparently, Fable was one of those things because it just got banned. Yes, really.
00:08All of us who have been trying to maximize our utilization of Fable over the last three days are no longer able to do such because of the United States government. I'm a US citizen, and I'm even restricted here. It's actually unbelievable.
00:21I've never seen anything like this in my life. And this is another one of those terrible precedents being set. I'm tired of living in unprecedented times, man.
00:28I want shit to be a little more boring because this is this is a lot. I'll read the tweet first because it's the quick summary, and then we're gonna go into all the details for the rest of the video. The US government, citing national security authorities has issued an export control directive to suspend all access to Fable five and Mythos five by any foreign national whether inside or outside The United States, including foreign national anthropic employees.
00:51So even anthropic employees that don't live here are no longer allowed to access it, especially ones who are here, citizens of other nations. That's crazy. There's a lot of anthropic employees I know that are not US citizens.
01:02Fuck. I I I'm thinking, like, I have so many friends that work at Anthropic that now cannot use the models. What the fuck?
01:09What the fuck? The net effect of this order is that we must abruptly disable Fable five and Mythos five for all of our customers to ensure compliance. Because they don't have a way to verify that we're citizens yet.
01:18They're gonna figure that all out. Other models are not affected. We apologize for the disruption, yada yada.
01:22We have a lot to talk about here. And I just lost a lot of money because I paid for a shitload of quad subs for Fable, and most of those were for my employees that are not US based. That's why I'm not gonna get back, so I need to make some somewhere, and I'm gonna have to go with today's sponsor.
01:36I'm starting to get annoyed with all of the setup flows necessary to make my agents useful. They might be able to run fine in one code base, but what happens when the changes affect another? What happens when I need to access data from a logging system that I haven't set up the MCP for yet?
01:48What happens when somebody's asking me for updates on Slack and I have to go copy paste all the context between things? How do I even know how much it'll cost me when I'm running across all these different things? These are problems that have annoyed me and probably you too for a while, especially those of y'all working at big companies.
02:02Thankfully, CodeRabbit has solved it in more with the new agent product. If you only know CodeRabbit for their code review, you need to catch up because they're going so much further now with the agent. I wanna be really clear about this first.
02:13They didn't just build another tool to file slot PRs via Slack. They built something that understands your company, your code base, your integrations, your data, and more. Their agent integrates with everything from Sentry and Posthog to Jira and Linear to Notion and Google Drive because they know your data lives across all of these different places, and it needs to access it to solve real problems.
02:33This also means it can pull from different sources as part of the same request. Datadog threw an alert for this team, somebody tagged in CodeRabbit, it went through the alerts from Datadog, and then checked the Google Cloud logs separately, found a PR, which now we're in three different data sources that it was able to access and use to provide the useful information.
02:50This is the type of thing you normally needed your best dev who had a horrible bus factor to solve for you. So it's gotta be super expensive, right? There's like 15 different ways they could bill?
02:58Well, solve that too. Rather than having all these different pieces you have to worry about the costs of, they just charge you for how much time the agent spends doing things. This means no more runaway bills, no more utter chaos trying to figure out how much a task is going to cost, and no more trying to debug 15 different tools that aren't attached to your agent properly.
03:16Just ping it in Slack and go. Coderapids reviews already stopped me from shipping so much broken code, Now they're helping fix it. Check them out now at soydev.link/coderabbit.
03:24The US government, citing national security authorities, has issued an export control directive to suspend all access to Fable five and Mythos five by any foreign national, whether inside or outside The US, including foreign national Anthropic employees. The net effect of this order is that we must abruptly disable Fable and Mythos for all of our customers to ensure compliance.
03:44Access to all other Anthropic models will not be affected. We received this directive from the government today at 05:21PM eastern time.
03:50It is currently 6PM Pacific time, and there's a three hour difference there.
03:55So this would have been it was about four hours ago roughly. The letter did not provide specific details of its national security concern. Our understanding is that the government believes it has become aware of a method of bypassing or jailbreaking Fable five.
04:08We reviewed a demonstration of this specific technique being used to identify a small number of previously known minor vulnerabilities. These vulnerabilities all appear relatively simple, and we have found that other publicly available models are able to discover them as well without requiring a bypass. To break down what they're describing here, the US government was able to get an example of jailbreaking Fable five to find vulnerabilities in software, and they don't want other governments being able to use it to do that.
04:34Anthropic is disagreeing subtly here by saying that the vulnerabilities it found with this jailbreak were simple, and they have found other publicly available models can find those same vulnerabilities. Anthropic's posture with respect to Fable safeguards, as laid out in their launch blog post, is the following.
04:49First, we have instituted strong safeguards that greatly reduce the likelihood that Fable is misused for tasks related to cyber security among others. In fact, our safeguards are so strong that many users have complained that they are overly broad. Yep.
05:02In the weeks leading up to the launch of Fable, Anthropic worked with the US government, the UK AISI, multiple private third party organizations, and internal teams to red team Fable safeguards for thousands of hours in total.
05:14These tests showed that Fable safeguards are substantially more effective than those of any previously deployed model. I would agree. It's hard to get it to do fucking anything.
05:22No testers have yet been able to find a universal jailbreak, a jailbreak method that can very broadly bypass the model safeguards unblocking a wide range of cyber capabilities. We suspect that perfect jailbreak resistance is not currently possible for any model provider. Every safeguard used in the industry is vulnerable to non universal jailbreaks, which can elicit some cyber information in specific circumstances.
05:43It is likely that universal jailbreaks will eventually be found in the future. We stated this clearly when we released Fable five. Given that perfect jailbreak resistance does not appear to be possible today, Anthropic adopted a defense in-depth strategy with Fable five.
05:57We aimed to make the jailbreaks either narrow in the case of non universal jailbreaks or very expensive to produce in the case of universal ones. And to combine this with thorough monitoring to quickly detect and shut down any successful attacks. Again, I talked about this in a video I recorded earlier today that now feels really out of date.
06:13They are monitoring things that are returned that shouldn't have been, and updating their safeguards accordingly. Because the model isn't trained to be safe, the model was trained to be really smart, happens to be so smart it can do some hacking, so they put a bunch of shit in front to make sure that it doesn't get a prompt that tells it to do things that are potentially unsafe, and most importantly, it doesn't respond with instructions that tell it how to do unsafe things.
06:37They also made the change where all prompts now have a thirty day retention required, which was not the case before, that has also made them lose a bunch of customers.
06:46They even call that out here, but it allowed them to research and mitigate jailbreaks. They stand by this defense in-depth strategy. It reduces the risks posed by Fable, making them comparable to the risks of existing models already deployed across the industry, and they've not even received a disclosure of concerning non universal potential jailbreaks that led to a harmful result.
07:04The potential jailbreaks that have been disclosed to them are either benign responses or are minor findings that provide no mythospecific uplift. Yep.
07:13I am on Anthropic side on this one. They went really hard with the security, but it sounds like someone in the US government was able to get it to respond with a vulnerability in some software.
07:26It immediately turned everything up to 11, like, oh my god, foreign nationals are gonna use this to hack us, even though other models are capable of doing the same vulnerability discovery that the US government demonstrated to Anthropic here. Today, the government has only given us verbal evidence of a potential narrow non universal jailbreak, which essentially consists of asking the model to read a code base and fix any software flaws.
07:47Our understanding is that one potential jailbreak was shared with the government. We have reviewed the report and validated that the level of capability displayed there is widely available from other models, including OpenAI's GPT 5.5. This is the student telling the teacher, hey, you forget to give us homework?
08:03But it is actually a reasonable callout too. I am scared we might lose five five access now too, though. The snitching is unreal.
08:10Oh, god. Yeah. And it's also a good callout that five five is used every day by the defenders who keep systems safe.
08:17We will share more details over the next twenty four hours. And this is on a Friday, by the way. Friday evening.
08:22It's 6PM on Friday. I'm supposed to be at a party right now, but I'm here filming this. I do like that they called out the specific strategy used here, is not asking the model find software flaws and find hacks.
08:33They told the model to go through the code base and fix flaws, and through finding those there, they can go reverse engineer it. We're complying with the government's legal directive and we're removing access to Fable and Mythos for all users. However, we disagree that the findings of a narrow potential jailbreak should cause recalls for commercial models deployed to hundreds of millions of people.
08:51If this standard was applied across the industry, we believe it would essentially halt all new model deployment for all Frontier model providers. So you're safe Google, but everyone else is screwed. As they've stated publicly, they believe the government should have the ability to block unsafe deployments as part of a statutory process that is transparent, fair, clear, and grounded in technical facts.
09:10This action does not adhere to those principles. We apologize for the disruption to our customers. We believe this is a misunderstanding, and we are working to restore access as soon as possible.
09:19Crazy that this Dario blog post on policy on the AI exponential has become so relevant and important to their business already. I was making jokes about this just yesterday, but now it really matters.
09:31It is funny that in here they call out that legislation moves very slowly. Often, this is for good reasons. Governments have grave powers, and it's usually for the best that they aren't used too hastily.
09:41But the mismatch in time scale is nevertheless very painful. In the several years it can take Congress to act, AI can go from an amusing toy to the full country of geniuses. Over the last few years, since AI has become a major commercial technology, those of us who wanted to handle it responsibly have faced a dilemma.
09:57We could see clearly where the exponential was going. We strongly suspected that within a few years, AI would be one of the rare technologies that fundamentally reshapes the entire policy landscape in the same way that nuclear weapons reshaped geopolitics in the industrial revolution, fundamentally reshaped every economic and social issue.
10:14But to those looking only at what AI could do at the time, it looked like much more mundane technology, similar perhaps the latest consumer app or cryptocurrency. Cryptocurrency needs a lot of legislation.
10:24Let's be real here. It was hard to convince most policymakers and companies that anything other than a lase faire attitude made sense. And to be fair, the fact that AI's radical effects were not yet present and that we didn't know exactly what shape they might take made it difficult to design the right policies even if there had been the will to act.
10:41Given the limitations imposed by the situation, many safety advocates, including Anthropic, have so far been focused on advocating for policy actions that preserve optionality, tee up a fast reaction in the future, or give the world better insights into what is coming down the pike. Things like transparency legislation, export controls on chips, and data collection on AI's labor efforts.
11:01These are not enough, but they have felt like all that was possible. They got their fast reaction, though. They did get that.
11:07Dario also calls out here that Mythos preview in the discovery that frontier models pose very real risks to cybersecurity creating the potential for disruption for of the financial sector critical infrastructure and national security is indeed a big deal and real. Now this review scrambled the global cybersecurity landscape.
11:21It really did. It was crazy to watch. But its broader significance is that it proves beyond a doubt that AI models are now tools of global and national strategic consequence.
11:31Yep. And we are now suffering the consequences of exactly that. The cyber risks that mythos class models present will not be the last that we must face.
11:39I believe that biological risks may soon follow and that serious AI autonomy risks may not be far behind. We now, globally and collectively, need to activate a slow and rickety policy apparatus to deal with risks and opportunities that are going to compound surprisingly quickly from here. Many policymakers are showing increased openness to taking action, And it's been encouraging to see our peers come around to the same positions that we've been advocating for over the past few years.
12:05This is good, but I worry that these early actions are at least a year out of step with AI's rapid progress. This essay is an attempt to close the gap, to lay out where the exponential is now and the collective action needed to meet the moment. He then goes on to give the different examples of the policy types and categories he thinks should be implemented.
12:23It's a genuinely good read, and I would recommend taking a look yourself. The link will be in the description. But instead of continuing to read that, I'm gonna pour one out for my beloved.
12:31Fable, I will miss you so. Our three days together were magical, unlike anything I've experienced before it. Some things are just too good to be true.
12:39So good that the government interferes. I'm sorry we were one of those things. Until we meet again.
12:45It's still routing. Still appears to be Fable. Did not tell me that it rerouted.
12:50It has not been disabled here yet. I'm scared if I pick a different model. Will I still be able to pick Fable?
12:58Rest in peace. People are already making websites. Is Fable down or not dot vercel.app for how long until Fable's removed from the API?
13:06They're doing tests every five minutes, I believe, to see if it is responding to probes or not. Just two days ago, Anthropic urges US to not block state AI laws without setting federal standards. This might be retaliatory.
13:19This might be because Anthropic was pushing for The US to not interfere with the restrictions certain states wanted to implement, so now they are getting restricted super hard. But with OpenAI certainly cooking new models coming very, very soon, I have a feeling the impact and implications of this are going to be absurd.
13:37I don't wanna waste your guys' time too much, because this is still a developing story, but I've covered everything we have now, and I'll be sure to pin comments accordingly as more info comes in. For now, all we have is this official statement and access being cut off in the very near future, if not by the time this video is live.
13:52I'm gonna wrap up ASAP because I wanna get this out ASAP. I hope you guys understand. I will miss Fable and I will be using this much of it as I possibly can up until it is formally banned.
14:02Fingers crossed that this gets resolved quickly, and sorry to all of my friends who are not in The US, who are not US citizens, that won't get access for even longer. What a fucking mess.
14:12This is a disaster. I did not think we were going to get intervention like this as quickly as we are. Everything is chaos.
14:17I'll do my best to cover it. And until next time, peace nerds.
The Hook
The bait, then the rug-pull.
Theo was three days into his Fable 5 run when the US government ended it — not with a deprecation notice or a policy update, but with an export control directive that gave Anthropic hours to pull the model from every non-US citizen on the platform, including its own employees.
Frameworks
Named ideas worth stealing.
03:40model
Defense-in-depth for model safety
Model-level safeguards
Prompt monitoring + 30-day retention
Rapid jailbreak detection and mitigation
Red teaming before launch
Anthropic's layered approach to jailbreak resistance: no single control is relied upon; monitoring catches what safeguards miss; retention enables forensics.
Steal forAny team building safety-constrained AI features in production
04:55concept
Universal vs. non-universal jailbreak typology
Universal: broadly bypasses safeguards across a wide range of capabilities. Non-universal: elicits specific outputs only in specific circumstances. The government found the latter; Anthropic argues this class exists in every deployed model.
Steal forExplaining AI safety tradeoffs to non-technical stakeholders
CTA Breakdown
How they asked for the click.
VERBAL ASK
01:00product
“Check them out now at soydev.link/coderabbit”
Pre-roll style, 2:24 long, stitched between the hook and the main breakdown. Personal frustration with agent setup friction makes the segue feel earned rather than forced.
A 33-minute first-take from a developer who spent $3,000 on inference in 24 hours — benchmarks, real demos, session math, and the hidden safety intervention that silently degrades the model without telling you.
00:32
00:37
00:48
00:59
01:09
01:20
01:31
01:53
02:03
02:14
02:25
02:35
02:46
02:57
03:08
03:18
03:40
03:51
04:01
04:12
04:23
04:34
04:44
04:55
05:06
05:17
05:27
05:38
06:00
06:10
06:21
06:32
06:53
07:04
07:15
07:26
07:36
07:47
07:58
08:09
08:19
08:30
08:41
08:52
09:02
09:13
09:19
09:35
09:45
09:56
10:07
10:18
10:28
10:50
11:01
11:11
11:22
11:33
11:44
11:54
12:05
12:16
12:37
12:45
12:59
13:11
13:31
13:41
13:56
14:05
Video of the Day32:54
23:21
30:40
47:33
12:57
10:58