AI
Anthropic’s Claude Fable 5 Goes Public, With Mythos Guardrails
Anthropic’s Claude Fable 5 launched June 9 with the same base model as Mythos. Cyber and bio queries fall back to Opus 4.8, and developers are pushing back hard.
Anthropic released Claude Fable 5 on Tuesday, June 9, 2026, its first publicly available “Mythos-class” model. The model is wrapped in safety classifiers that watch for sensitive queries and route them to the older Claude Opus 4.8.
Two months ago, Anthropic said the underlying model was too dangerous to release. Now the same model is shipping to paying customers at twice the cost of Opus 4.8, with a rollout the company itself called “a little clunky.” Developers and scientists say the safety wrapper is the controversial part, not the underlying intelligence.
Fable 5 launches, with a Mythos bolted underneath
Tuesday, June 9, 2026, Anthropic released Claude Fable 5, the first publicly available model in its Mythos class. It is the same underlying model as Claude Mythos 5, the version Anthropic rolled out in parallel to its Glasswing partner group, with safety classifiers in front of it. How Fable 5 differs from the gated Mythos 5 sits in the gap Anthropic’s own announcement left open.
| Attribute | Claude Fable 5 | Claude Mythos 5 |
|---|---|---|
| Access | Pro, Max, Team, Enterprise plans through June 22, then usage credits | Project Glasswing partner group |
| Input token price | $10 per million tokens | $10 per million tokens |
| Output token price | $50 per million tokens | $50 per million tokens |
| Safety classifiers | Three trigger categories route to Opus 4.8 | Lifted in some areas |
| Context window | 1 million tokens | 1 million tokens |
| Stated framing | “Safe for general use” Mythos-class | “Strongest cybersecurity capabilities of any model in the world” |
Pricing is set at $10 per million input tokens and $50 per million output tokens, double the cost of Claude Opus 4.8. The model carries a 1 million token context window, a 128,000 token output cap, and a knowledge cutoff of January 2026. Anthropic’s upgrade guide for Fable 5 was notably thinner than the one it shipped for Opus 4.8 in May.
Dianne Penn, Anthropic’s head of product management for research, framed the launch as a deliberate race. “We wanted to be able to provide this level of intelligence for general users in a safe manner,” she told the Wall Street Journal. Anthropic said Stripe used Fable 5 to migrate a 50-million-line Ruby codebase in a single day, and that trading firm IMC found Fable 5 “aced their trading-analysis evaluations nearly across the board, including factual lookup, conceptual reasoning, root-cause analysis, and expected-value analysis.” In parallel, Anthropic released Claude Mythos 5 to its Glasswing partner group, the same model with the safeguards lifted in some areas.

The April warning that set the stage
On April 7, 2026, Anthropic unveiled Mythos Preview and said the model was too dangerous to release to the public. The company pointed to Mythos Preview’s ability to find unknown software vulnerabilities across every major operating system and web browser. The April Mythos Preview unveiling named a handpicked list of tech and cybersecurity partners, and Anthropic rolled the model out to that small group under a program called Project Glasswing.
The original Glasswing roster included Apple, Google, Microsoft, Nvidia, Amazon Web Services, Cisco, Broadcom, CrowdStrike, Palo Alto Networks, JPMorgan Chase, and the Linux Foundation, with more than 40 companies in total. Anthropic said Mythos Preview found a 27-year-old OpenBSD vulnerability that had escaped previous detection, and reproduced vulnerabilities and created proof-of-concepts to exploit them on the first attempt in 83.1% of cases. The model also reached 93.9% on SWE-bench Verified, compared with 80.8% for Anthropic’s then-public Opus 4.6. By early June 2026, Glasswing had grown to about 200 organizations in more than 15 countries, with Anthropic committing up to $100 million in usage credits to the project, plus $4 million to open-source security efforts. The launch landed weeks after Anthropic’s $965B S-1 filing and Pentagon dispute, both of which set the stage for an IPO that depends on Fable 5 finding paying users fast.
Anthropic’s safety wrapper, layer by layer
Anthropic wrapped Fable 5 in a network of AI-powered classifiers designed to detect risky requests before they reach the underlying model. Kush Varshney, an IBM Fellow and AI researcher, told IBM Think he was glad to see the architecture in action.
I’m happy to see that Anthropic is putting guardian models on either side of their Mythos model to prevent harms of various kinds.
Varshney said in the interview with IBM Think, framing the multi-layer guard as a different choice from a single safety filter.
The wrappers watch for three trigger categories: cybersecurity, biology and chemistry, and model distillation. When a query trips one of those categories, Anthropic routes the request to the less capable Claude Opus 4.8 and tells the user that happened. More than 95% of Fable 5 sessions involve no fallback, the company said, meaning most users see performance that mirrors the unrestricted Mythos 5.
Anthropic said it hired outside experts who spent more than 1,000 hours trying to bypass the restrictions, a process known as red-teaming. The company also ran a bug bounty program paying people to find security flaws, and said no one found a way to completely unlock the model. The classifiers were designed to resist jailbreaks, Anthropic said. Sam McAllister, an Anthropic product lead, acknowledged the rollout on X as “a little clunky (wanted to get it into as many hands as quickly as possible!)” and said broad subscription access would likely be pulled in two weeks.
Gabe Goodhart, IBM’s Chief Architect of AI Open Innovation, said the safety wrapper affected his own early testing. During a brief test, he asked Fable 5 to conduct a rigorous security audit of a software project, and the request was rerouted to Opus 4.8, which “did find several significant security issues to address,” he told IBM Think. IBM’s read on the safety wrapper also flagged the rollout as a possible template for how AI labs will price and distribute future frontier systems.
What developers and scientists saw on day one
Independent developer Simon Willison spent about 5.5 hours testing Fable 5 on launch day. A developer’s $110 first-day Fable 5 review called the model “something of a beast” with a “big model smell,” describing it as slow, expensive, and noticeably more knowledgeable than Opus 4.8, with the first-day token bill reaching $110.42 on his $100 monthly Max plan.
Not every early review was positive. On Hacker News, the top reaction included “what an utterly useless model if it refuses” after a video showed Fable 5 switching back to Opus 4.8 as a “safety” feature. Ethan Mollick, a Wharton professor who tested the model early, said the limitations trip “at the faintest hint of a security problem,” suggesting even well-intentioned users could not use Fable 5 to harden their own code. Stripe’s 50-million-line Ruby migration in a day served as Anthropic’s marquee counterexample, and Hacker News commenters also raised concerns about silent fallback behavior and the risks of building engineering workflows around a model that decides on its own when to switch.
- A medical physicist blocked for using the word “nuclear”
- MRI image segmentation classified as bioterrorism
- A question about malaria transmission by mosquitoes blocked
- A basic security review of a user’s own application flagged as a cybersecurity risk
Artificial Analysis, an independent benchmarking service, said the safety wrapper kicks in on roughly 8 to 9 percent of tasks, mostly scientific ones. The miss rate is high enough that the same user can be silenced on one prompt and answered the next. The fields hit hardest are bioscience, cybersecurity, and AI research, exactly the fields Anthropic was most worried about.
The two restrictions nobody saw coming
The first surprise: 30-day data retention, even for enterprise customers. Anthropic’s Claude support page now states that prompts submitted to, and outputs generated by, Mythos-class models are retained for 30 days for trust and safety purposes, on every platform where these models are offered.
Zero Data Retention, or ZDR, agreements, which previously applied to every other Claude model available through the API, including Opus 4.8, Sonnet 4.6, and Haiku 4.5, do not apply to Fable 5 traffic. Jun Park, CEO of AI training company hillclimb, summarized the change on X: “New policy from Anthropic: if you use Fable/Mythos, they collect your data. No exceptions. Not even for enterprise partners.” Lawyer Jessica Eaves Mathews, in a post highlighted by CyberNews, called it a “mandatory exception” that overrides existing enterprise commitments for this specific model class. The developer complaints catalogued in one place also flagged the price jump and the dual-architecture model Anthropic appears to be standardizing.
The second surprise lives in the model’s 319-page system card. Anthropic has built invisible interventions that deliberately degrade Fable 5’s performance when users try to develop competing frontier models, including pretraining pipelines and ML accelerator design. Unlike the cyber and biology filters, there is no visible fallback message: Anthropic quietly manipulates responses through prompt modification or steering vectors. The company says only about 0.03 percent of traffic is affected, and Willison flagged the move on his blog as openly anticompetitive, with one Hacker News comment summing it up as “Anthropic’s definition of ‘unsafe’ encompasses ‘competing with Anthropic.'”
The medical community took the loudest early hit, with one medical physicist writing that Fable 5 was “perhaps the most useless model I’ve ever tried” because of how often the word “nuclear” tripped the safety filter. Other users in the same catalog reported that MRI image segmentation was classified as bioterrorism, that a question about malaria transmission by mosquitoes got blocked, and that a basic security review of their own application was flagged as a cybersecurity risk. The pattern hit exactly the research customers Anthropic most wanted: bioscience labs, independent security researchers, and small AI labs building models in the open. Willison noted on his blog that the wrapper falls hardest on users building ML accelerator designs and pretraining pipelines, with Anthropic declining to flag those interventions as it does for cyber and biology. By the end of launch day, the developer consensus on Hacker News and Reddit was that Fable 5 was best suited to large, well-defined tasks for users who can absorb its price and tolerate the wrapper.
The economics behind Fable 5’s rollout
Anthropic told CNBC its $47 billion revenue run rate, up from roughly $10 billion in annual revenue a year earlier, made the new model a near-term cash engine for the company. The company recently closed a funding round at a $965 billion valuation, ahead of rival OpenAI’s $852 billion mark from late March.
A few days before the Fable 5 launch, Anthropic confidentially filed a draft S-1, kicking off what is expected to be one of the largest IPOs in tech history. To handle demand, Anthropic recently began leasing a datacenter from Elon Musk’s xAI, part of SpaceX, for $1.25 billion per month. Fable 5 is included with Pro, Max, Team, and Enterprise plans through June 22, then shifts to usage credits, the first time Anthropic has carved its most capable model out of the flat-rate subscription. The May-launched Claude Opus 4.8 is already public, and Fable 5 is the more expensive option for users who want Mythos-class intelligence with the wrapper on.
OpenAI is running the same race. The rival has its own Trusted Access for Cyber program, anchored by GPT-5.5-Cyber, a model tuned for verified defensive security work. VentureBeat reported on June 10 that GPT-5.5 beat Claude Fable 5 on the Agents’ Last Exam benchmark, a one-day upset that set the tone for what Anthropic described as an “intelligence threshold” race. Anthropic said it plans to keep expanding Mythos 5 access “soon” through a broader trusted-access program.
- Revenue run rate (Anthropic, May 2026): $47 billion
- Latest funding round valuation: $965 billion
- xAI datacenter lease: $1.25 billion per month
- Fable 5 context window: 1 million tokens
- Glasswing expansion (early June 2026): about 200 organizations in 15+ countries
Frequently Asked Questions
What is Claude Fable 5?
Fable 5 is the first publicly available model in Anthropic’s Mythos class, the company’s most advanced lineup. It is the same underlying model as Claude Mythos 5, released to the public on June 9, 2026, with safety classifiers that route sensitive queries to Claude Opus 4.8.
How is Fable 5 different from Mythos 5?
Both share the same base weights. The difference is access and safeguards. Fable 5 goes to paying subscribers, while Mythos 5 is reserved for the roughly 200 organizations in Anthropic’s Project Glasswing program, where the safety classifiers are lifted in some areas.
Why does Fable 5 sometimes fall back to Opus 4.8?
Anthropic’s safety wrappers watch for three trigger categories: cybersecurity, biology and chemistry, and model distillation. Anthropic says more than 95% of Fable 5 sessions involve no fallback, and independent benchmarking service Artificial Analysis puts the actual task-fallback rate at roughly 8 to 9 percent, mostly on scientific prompts.
Is Claude Fable 5 safe to use for cybersecurity work?
The model is designed to refuse or reroute most cybersecurity queries, which makes it a poor fit for defensive security work. Anthropic recommends the more capable Mythos 5 instead, restricted to Glasswing partners and government agencies. Early users report that the wrappers also trip on adjacent fields, from medical physics to AI safety research, which is the source of much of the developer frustration.
How much does Claude Fable 5 cost?
Fable 5 lists at $10 per million input tokens and $50 per million output tokens, twice the cost of Claude Opus 4.8. Anthropic is including it with Pro, Max, Team, and Enterprise plans through June 22, 2026, after which it shifts to usage credits until the company restores subscription access.
-
GAMING4 weeks agoMicrosoft Xbox Layoffs Start in July as Sharma Slams 3% Margin
-
NEWS1 month agoGoogle Search Profiles Build a Follow Graph Inside Discover
-
AI2 weeks agoGoogle DeepMind and A24 Sign $75 Million AI Partnership Deal
-
AI2 weeks agoOracle Cuts 21,000 Jobs in a Year, Cites AI in 10-K Filing
-
APPS4 weeks agoDGO App Brings Rs 549 Mobile Pass for FIFA World Cup 2026 in Nepal
-
NEWS1 month agoOppo’s ColorOS 17 Eligibility List Leaves A-Series Buyers Behind
-
AI2 weeks agoAnthropic Tells Senators Alibaba Ran the Largest Claude Distillation Attack
-
NEWS2 months agoApple Strikes Preliminary Deal For Intel To Make iPhone And Mac Chips
