The US government on Friday evening issued an export control directive ordering Anthropic to suspend all access to its Fable 5 and Mythos 5 models by any foreign national, including foreign employees at Anthropic itself. The directive, which Anthropic received at 5:21 PM ET, cited national security authorities but did not provide specific details about the underlying concern.
Anthropic disabled both models for all customers rather than attempting to implement selective geofencing at the inference layer, according to CNBC. Access to all other Anthropic models remains unaffected.
What the Government Claims
Anthropic said its understanding is that the government believes a method of bypassing Fable 5’s safeguards has been identified. One jailbreak technique was reportedly shared with government officials, which Anthropic characterized as narrow and non-universal: essentially asking the model to read a specific codebase and identify software flaws.
Anthropic reviewed the demonstration and concluded that the vulnerabilities discovered were “relatively simple” and that “other publicly-available models are able to discover them as well without requiring a bypass,” according to the company’s statement. Anthropic specifically cited OpenAI’s GPT-5.5 cybersecurity deployment as offering comparable capabilities.
Why Anthropic Disagrees
Anthropic pushed back publicly against the directive’s basis. The company outlined its pre-launch testing record: thousands of hours of red-teaming conducted with the US government, the UK AISI, multiple private third-party organizations, and internal teams. Those tests, Anthropic said, showed Fable 5’s safeguards are “substantially more effective than those of any previously deployed model.”
No testers found a universal jailbreak, a method that could broadly bypass the model’s safeguards across a wide range of capabilities, according to Anthropic. The company acknowledged that “perfect jailbreak resistance is not currently possible for any model provider” and that it adopted a defense-in-depth strategy combining narrow jailbreak resistance with monitoring and mandatory 30-day data retention for Mythos-class models.
“We disagree that the finding of a narrow potential jailbreak should be cause for recalling a commercial model deployed to hundreds of millions of people,” Anthropic wrote. “If this standard was applied across the industry, we believe it would essentially halt all new model deployments for all frontier model providers.”
The Escalating Government Conflict
The directive lands on top of an already adversarial relationship between Anthropic and the Trump administration. The Department of Defense previously declared Anthropic a supply chain risk, a designation historically reserved for foreign adversaries, which requires defense contractors to certify they will not use Claude models in military work, CNBC reported. Anthropic sued the Trump administration to reverse that blacklisting, and litigation remains ongoing.
Anthropic now faces a dual restriction regime: the Pentagon deems the company too dangerous for government use, while the Commerce Department deems its models too dangerous for foreign access.
The company said it is complying with the legal directive while working to restore access. Anthropic referenced its previously published policy position that governments should have authority to block unsafe deployments, but only “as part of a statutory process that is transparent, fair, clear, and grounded in technical facts.” The company said this action does not meet that standard.
The Precedent for Agent Infrastructure
The forced recall of two frontier models over a narrow jailbreak sets a precedent that reaches beyond Anthropic. Agent platforms and orchestration layers that depend on specific model capabilities face a new category of operational risk: a model can be pulled from production by government order with hours of notice. Fable 5 and Mythos 5 launched on June 9, giving teams barely three days before access disappeared.
For builders running autonomous agents on Anthropic’s infrastructure, the immediate question is whether fallback model routing and multi-provider architectures are robust enough to absorb sudden model withdrawals. Anthropic said it will share more details over the next 24 hours.