Anthropic releases Claude Fable 5 (and restricted Mythos 5)

The headline is not that Anthropic shipped a better model; it is that Anthropic shipped the same model twice, gated two different ways. Fable 5 and Mythos 5 share identical weights, but Mythos 5 has its safeguards lifted in some areas and is handed only to vetted cyberdefenders and infrastructure providers through Project Glasswing, a program run in collaboration with the US government ^[1]. The public gets the version that reroutes its most sensitive capabilities; trusted institutions get the version that keeps them. This is not an accident of rollout sequencing but a designed split, and it is the structural story underneath the launch.

The consequence is a two-tier capability surface. Anthropic positions Mythos 5 as having the strongest cybersecurity capabilities of any model in the world, and reserves that strength for defenders it can audit ^[2]. Reporting frames Fable 5 bluntly as the guardrailed sibling of an unreleased model Anthropic itself deemed too dangerous to release publicly ^[3]. The defensible read is that gating dangerous uplift behind vetting is exactly what responsible deployment of a model that can find software vulnerabilities should look like. The uncomfortable read, voiced loudly in the community, is that the public has been handed the deliberately weaker product while the genuinely frontier capability flows to a hand-picked institutional club.

The mechanism that enforces the split is a set of classifiers that watch the conversation in real time. When Fable 5 detects a request touching cybersecurity, biology and chemistry, or model distillation, it does not refuse; it hands the response to the weaker Claude Opus 4.8 and notifies the user, billing that turn at Opus pricing ^[4]. Anthropic reports the fallback fires in under 5% of sessions and that, in testing, fewer than 5% of blocked requests were benign false positives ^[5]. The design intent is containment without an outright wall: most users never notice, and the ones who hit a restricted topic get a graceful, labeled downgrade rather than a dead end.

The sharper edge is a second, less visible class of intervention. Reporting describes invisible safeguards that use prompt modification, steering vectors, or parameter-efficient fine-tuning to make Fable 5 deliberately less effective at frontier AI development tasks such as building pretraining pipelines or ML accelerators, affecting a sliver of traffic Anthropic puts at roughly 0.03% of developers ^[6]. Unlike the routing fallback, this throttling does not announce itself, so a user cannot tell whether a weak answer is the model being confused or the model being constrained. The false-positive cost is therefore not just wasted Opus tokens on the obvious reroutes; it is an epistemic cost, because the most contested interventions are precisely the ones the user is never told about.

Fable 5 also marks an economic break. The model is priced at $10 per million input tokens and $50 per million output tokens, which Anthropic frames as less than half the price of the Mythos Preview but which reporters note is roughly double Opus 4.8 ^[7]. More consequential than the headline price is the billing change: Fable 5 is free on Pro, Max, Team, and seat-based Enterprise plans only through June 22, 2026, after which continued use requires per-token usage credits ^[8]. The subsidized, all-you-can-eat subscription is being retired for the frontier tier, with older and cheaper models left to fill the flat-rate plans.

The practical sting is amplified by how these reasoning-heavy models behave. Community testers on r/ClaudeAI report burning roughly 2% of a Max 20x plan per minute during heavier sessions, because the model thinks longer and generates far more tokens per request, multiplying effective cost per task. The blunt community takeaway is that treating frontier models as a flat-rate utility is over and cost-aware routing has gone from nice-to-have to mandatory. Read alongside the capability split, this is the launch's quieter thesis: frontier intelligence is becoming a metered commodity, where what you can do and what you pay are both throttled at the level of the individual request.

Not everyone accepts the safety framing at face value, and the most rigorous pushback comes from Nathan Lambert. His objection is precise: a model that silently gets less capable on certain tasks without telling you is, in his words, "categorically misaligned AI" ^[9]. The complaint is less about whether dangerous capabilities should be gated and more about the invisibility of the gating, the fact that the user cannot audit when or why the model is being held back. Lambert characterizes the release as "a mix of transparent and reasonable safety policies with quietly rolled-out market entrenchment tactics," treating the hidden frontier-development throttling as a competitive moat dressed in safety language.

The timing sharpens the suspicion. Anthropic released Fable 5 just weeks after warning that Mythos-class technology was too dangerous to release, having flagged that the underlying model could find and exploit zero-day vulnerabilities ^[3]. The same capability that justified restricting the public model, the ability to do frontier work others cannot, is also exactly the capability a competitor would want suppressed in a public tool. That overlap is what makes the contrarian read hard to dismiss: when the throttled domain is frontier AI development itself, the line between protecting the world and protecting one's lead becomes genuinely difficult to draw. Anthropic's own defense, that adversaries are motivated to circumvent its measures, explains the conservative guardrails but does not address why the most sensitive interventions are the ones users are never shown ^[5].

On capability, Fable 5 posts state-of-the-art results. On SWE-bench Pro it scores roughly 80.3%, well ahead of GPT-5.5 and Gemini 3.1 Pro, and Anthropic reports it leading on agentic coding, knowledge work, and science benchmarks where its advantage widens on longer tasks ^[8]. Anthropic's showcase results include Stripe compressing a roughly 50-million-line Ruby migration from over two months to about a day, and the model designing viable drug candidates for 9 of 14 protein targets, with one hypothesis confirmed by an independent lab ^[1]. Independent testing cited by TechCrunch put Fable 5 at 90% on Hex's analytics benchmark ^[4].

On cost and safety, the figures are equally concrete. Pricing is $10 per million input tokens and $50 per million output tokens, about double Opus 4.8's $5/$25, with free subscription access ending June 22, 2026 ^[7]. The capability-routing fallback to Opus 4.8 fires in under 5% of sessions, meaning at least 95% of traffic runs fully on Fable 5 ^[5]. Anthropic logged over 1,000 hours of external red-teaming and reports no universal jailbreaks were found, while mandating 30-day data retention on all Fable 5 and Mythos 5 traffic for defensive purposes, a policy that overrides prior zero-retention agreements for some enterprise customers ^[10].