Anthropic shuts off Fable 5 and Mythos 5 after US export-control order

Why it matters

The order turns frontier AI access into an export-control issue, forcing founders to design around nationality, employee access and sudden model takedowns.

Anthropic (@AnthropicAI) co-founder and CEO Dario Amodei was forced late Friday, June 12, to shut off the company's Fable 5 and Mythos 5 models for all customers after the US government issued an export-control directive barring access by foreign nationals, including Anthropic's own foreign national employees.

The order landed at 5:21 p.m. ET, according to Anthropic's statement. Anthropic said the directive cited national security authorities, did not provide specific details of the government's concern, and required the company to suspend access to both models by any foreign national whether inside or outside the United States. Access to Anthropic's other models is not affected.

The practical effect was broader than the legal target. Anthropic said it had to disable Fable 5 and Mythos 5 for all customers to ensure compliance. That is the operational lesson for founders: once a frontier model is treated as a controlled export, the immediate problem is not only where the user sits, but whether the company can prove who the user is, what nationality or legal status matters under the directive, which employees can touch production systems, and whether support, logging, evals, incident response and customer-success workflows expose controlled capability to restricted people.

The order came three days after Anthropic launched Claude Fable 5 and Claude Mythos 5. Fable 5 was the general-release version: Anthropic described it as a Mythos-class model with safeguards that route some high-risk requests to Claude Opus 4.8. Mythos 5 used the same underlying model, but with some safeguards lifted for a smaller group of cyber defenders and infrastructure providers through Project Glasswing, a program Anthropic said was being run in collaboration with the US government.

That context is what makes the directive unusual. Amodei has spent years building Anthropic around the premise that more capable models require stronger safety systems, closer government engagement and, in some cases, limits on release. Anthropic's original 2021 funding announcement described a company led by siblings Dario Amodei and Daniela Amodei and focused on building reliable, steerable systems. This week, the company ran directly into the state version of its own thesis: Washington accepted the national-security framing, then used export-control authority to pull back a model Anthropic had just argued was safe enough to commercialize.

Anthropic disputes the basis for the move. The company said its understanding is that the government believes it learned of a method for bypassing, or jailbreaking, Fable 5. Anthropic said it reviewed a demonstration of the technique and found it was used to identify a small number of previously known, minor vulnerabilities. It also said other publicly available models could find the same vulnerabilities without requiring a bypass.

The company said it had red-teamed Fable's safeguards for thousands of hours with the US government, the UK's AI Security Institute, private third parties and internal teams. Anthropic also said no tester had found a universal jailbreak that broadly unlocks cyber capabilities. Its position is narrower than a blanket claim that Fable cannot be bypassed: Anthropic acknowledged that perfect jailbreak resistance likely is not possible for any model provider, and said its strategy was to make jailbreaks narrow or expensive while monitoring for abuse.

Axios reported that Commerce Secretary Howard Lutnick sent Amodei a letter on Friday saying Mythos 5 and Fable 5 would be subject to export controls for any location outside the US and for all foreign persons within the country. Axios also reported that an administration official said the Commerce Department acted after another company claimed it had jailbroken Mythos, alarming officials about possible national-security risks. Per Axios, Anthropic will need additional applications for individually validated licenses, and noncompliance could trigger financial and civil penalties.

The closest recent precedent was not a live-model shutdown. In January 2025, the Commerce Department's Bureau of Industry and Security issued the AI Diffusion Rule, which created controls for certain advanced AI model weights and advanced computing hardware. But that was a rulemaking framework aimed at classes of chips, data centers and closed model weights. On May 13, 2025, Commerce announced it would not enforce that Biden-era rule and would pursue a replacement. The Government Accountability Office later summarized the AI Diffusion Rule as requiring licenses for exports, reexports or in-country transfers of advanced computing integrated circuits and the model weights of the most advanced AI models.

That makes the Anthropic order a sharper instrument. Export controls have long treated controlled technology or source code shown to a foreign person in the United States as a deemed export, a concept reflected in the Export Administration Regulations. Founders in aerospace, defense, semiconductors, cryptography and robotics already know what that means: citizenship and immigration status can shape who can see source code, schematics, model internals, customer data and production incidents. The new question is whether frontier AI access itself, not only weights or chips, can be pulled into that architecture on short notice.

The Trump administration had moved in that direction before the Anthropic letter. On June 2, President Trump signed an executive order on advanced AI innovation and security directing agencies to develop classified benchmarks for advanced cyber capabilities and design a voluntary framework through which developers could provide the government access to covered frontier models for up to 30 days before sharing them with trusted partners. The same order says nothing in that section authorizes mandatory licensing, preclearance or permitting for model development or release.

The Anthropic directive tests that line. The executive order framed pre-release review as voluntary and explicitly disclaimed a licensing regime. The export-control letter, as described by Anthropic and Axios, functioned as a mandatory access restriction on named commercial models that were already in market. For founders, the distinction matters less than the workflow it creates: if your model can plausibly be framed as a cyber, bio, autonomy or critical-infrastructure capability, your launch plan now needs an export-control plan before launch day, not after a government letter arrives.

The ramifications are immediate for AI founders building near the frontier. First, access control can no longer be treated as a product-tiering decision. It becomes a legal and infrastructure system, with identity verification, user segmentation, employee access controls, audit logs, residency rules, nationality rules and incident-response permissions built into the core product.

Second, customer contracts need to account for forced discontinuity. Anthropic priced Fable 5 and Mythos 5 at $10 per million input tokens and $50 per million output tokens and initially made Fable 5 available through the Claude API and consumption-based Enterprise plans. Customers building agents on top of a frontier model learned Friday that a government directive can remove a core dependency overnight. Startups selling AI-native products on top of someone else's frontier API now have to explain substitution, failover and model-risk policies to enterprise buyers.

Third, hiring and org design get harder. If foreign national employees may be barred from accessing the model, the constraint reaches research, product, infrastructure, safety, trust and support teams. Founders who recruit globally into US-based AI labs may need to segregate repositories, eval systems, deployment dashboards and customer escalations the way defense contractors already segment controlled technical data.

Fourth, open-source and open-weight strategies get more complicated but not automatically safer. A company that publishes weights may reduce the number of access-control decisions it has to make after release, but it also gives up the ability to monitor and shut down use. A company that keeps weights closed retains control, but also becomes the chokepoint regulators can order to deny access.

For Amodei, the order is also a political bind. Two days earlier, Axios reported that he argued government should be able to block dangerous AI deployments through a binding process grounded in testing. Anthropic's Friday statement made the same conceptual concession while rejecting this particular action: it said government should have the ability to block unsafe deployments through a transparent, fair and technically grounded statutory process, but said the Fable 5 and Mythos 5 order did not meet that standard.

That is the fight now. Anthropic is not arguing that frontier AI should be outside national-security review. It is arguing that a narrow claimed jailbreak, based on capability it says other public models already have, should not be enough to recall a commercial model used by customers. If Washington applies that standard across the industry, Anthropic said, it would effectively halt new frontier-model deployments.

Whether Fable 5 and Mythos 5 return quickly will matter less than the precedent the directive sets. For AI founders, the message is already clear: at the frontier, shipping a model is no longer just a safety, product and compute decision. It is an export-control event.