On June 9, 2026, Anthropic launched Claude Fable 5. On June 12, at 5:21pm ET, the US government sent a letter ordering Anthropic to suspend all access to Fable 5 and Mythos 5 for any foreign national, anywhere in the world, including Anthropic’s own employees. No explanation. No timeline. No process.
Anthropic pulled both models globally within hours.
This is not a story about a jailbreak. It is a story about who controls an AI capability, under what rules, and what happens when no rules exist.
The Government That Wanted Both
The Trump administration declared Anthropic a supply chain risk in early 2026 after the DOD demanded Anthropic permit its technology for autonomous weapons and mass surveillance. Anthropic refused. The Pentagon blacklisted the company, barred defense contractors from using Claude, and signed major AI deals with OpenAI, Google, Microsoft, and Nvidia while cutting Anthropic out entirely.
That same government, months later, used Anthropic’s own safety language as the legal predicate to seize control of its most capable model.
And the NSA was using Mythos the entire time.
The incoherence here is not incidental. The government blacklisted Anthropic for being too principled, relied on Anthropic’s capability for its own operations, and then cited Anthropic’s public safety warnings to justify pulling the model from everyone else. That is not a national security policy. It is a posture of control that changes its justification depending on which outcome it needs.
The Predicate Was Real. The Process Was Not.
Anthropic spent months building the case that Mythos was a weapon-class capability. Project Glasswing launched in April with explicit language: the model surpasses all but the most skilled humans at finding and exploiting software vulnerabilities. The company warned that without safeguards, the fallout for economies, public safety, and national security could be severe.
On June 10, one day after Fable launched, Dario Amodei published a policy essay explicitly calling for government authority to block or reverse the release of frontier AI models that fail independent safety testing. He compared it to the FAA grounding unsafe aircraft. Two days later, the government used exactly that authority against Anthropic.
Cybersecurity researcher Peter Girnus put it plainly: “If you describe your product as a munition in every press release, eventually a government takes you at your word. They wrote the legal predicate themselves and called it a brand.”
The predicate was real. Mythos is a genuinely powerful capability, and Anthropic was not wrong to say so. But by Sunday, reporting from Axios indicated that “personality differences” between Anthropic and the Trump administration drove the directive more than any technical finding about the model. The jailbreak, such as it was, appears to have been the mechanism. The fractured relationship was the cause.
That distinction matters enormously. If the export control was retaliatory, then the safety predicate was not a trigger. It was a tool. A lever available to any administration that decides a company has become inconvenient. The governance gap is not just that no process exists for legitimate intervention. It is that no process exists to prevent illegitimate intervention from using the same legal authority.
The Letter at 5:21pm
Commerce Secretary Howard Lutnick sent the directive to Dario Amodei on a Friday evening. It offered no specific national security rationale. It gave no timeline for restoration. It named no standard that, once met, would end the suspension.
Anthropic says it was told verbally that the concern was a narrow, non-universal jailbreak, essentially that asking Fable to read a codebase and fix vulnerabilities could surface security flaws. The company disputes that this constitutes a meaningful bypass. Katie Moussouris, who reviewed the Amazon research paper that reportedly triggered the action, concluded it did not demonstrate a real jailbreak at all. She described the researchers’ technique as the core defensive use case security teams run every day, asking a model to fix code rather than review it for issues, and stated that the behavior cannot meaningfully be fixed without weakening the model for defense.
The government has not released the paper. The criteria it used to evaluate the technique are not public. The threshold between an acceptable model capability and a national security threat has not been defined anywhere.
What the administration did produce was a Friday letter, a David Sacks post on X the following night, and a Pentagon chief information officer posting that the DOD supported prioritizing national security. That is the full public record of the process. As TechCrunch’s security editor noted, the action did not appear to require court approval.
Who Lost Access and Who Did Not
When the directive landed, Anthropic had no technical mechanism to verify user nationality per API session in real time. The result was a global shutdown. Not just Fable users. Glasswing partners in 15 countries, including NATO and ENISA, were cut off with no notice. Korean partners including the Korea Internet and Security Agency, SK Telecom, and Samsung lost access. Andrej Karpathy, one of Anthropic’s own senior AI scientists, was locked out of his company’s most capable model because he is not a US citizen.
The NSA, operating under the same Department of Defense that declared Anthropic a supply chain risk, reportedly continued using Mythos.
The capability was fine until it wasn’t theirs to control.
The Open Letter and Its Contradiction
Within 48 hours, more than 120 cybersecurity executives signed an open letter at freefable.org addressed to Commerce Secretary Lutnick and National Cyber Director Sean Cairncross, calling the action dangerous and urging its reversal. Signatories include executives from Adobe, Zoom, Sophos, and Nvidia.
The letter is substantively correct on the technical argument: Fable’s vulnerability-finding capability is not unique to Fable. The same technique reportedly works on OpenAI’s GPT-5.5, on Anthropic’s own Opus 4.8 and Sonnet, and on Chinese frontier models including Kimi 2.7. Pulling one model does not remove the capability from the threat landscape. It removes it from defenders.
What the letter does not mention is that at least four of its signatories co-authored Cloud Security Alliance research in April warning enterprises to prepare for an era of Mythos-enabled cyberattacks. The capability did not change between April and June. The holder did. When Anthropic controlled access under Glasswing, Mythos was a danger requiring enterprise preparation. When the government suspended it, Mythos was an essential defensive tool that must be restored immediately.
This is not hypocrisy in the ordinary sense. It reflects something more structural: there is no stable, publicly defined standard for when AI capability is acceptable and when it is not. Everyone is improvising. The government, the industry, the open letter signatories. The rules are being written in real time by whoever currently holds the capability.
The Gap
Named: The US government issued an export control directive suspending a commercially deployed AI model used by hundreds of millions of people, citing a national security concern it has not disclosed, using criteria it has not defined, through a process with no public record, no independent review, no court approval, and no stated path to restoration. Reporting now indicates the technical justification may have been secondary to a political one. Whether the intervention was legitimate or retaliatory, the outcome is the same: there is no governance framework governing when and how an AI capability can be seized. There is only a letter.
Classification: Structural. Acute. The absence is not a gap in a specific regulation. It is the absence of any regulatory architecture for government intervention in deployed AI systems.
Status: Active. Senior Anthropic staff are in Washington today negotiating an outcome. No timeline exists. No standard has been published. The next directive will arrive the same way this one did.
Vordan position: The government’s stated justification shifted across three days: a jailbreak concern, a refused patch, suspected Chinese access, a Friday evening letter, and now reporting that suggests personality and politics drove the decision as much as any technical finding. None of these accounts are mutually exclusive. What is consistent across all of them is the absence of any transparent, accountable, democratically grounded process. A capability this consequential, and both Anthropic and the government agree it is consequential, deserves a governance framework equal to that consequence. What exists instead is power exercised without process. That is the gap.
Vordan produces independent accountability analysis of technology governance, legislation, and institutional design. The Gap Alert series identifies structural accountability failures before they become recorded incidents.
Sources
[1] Anthropic, “Statement on the US government directive to suspend access to Fable 5 and Mythos 5,” June 12, 2026. https://www.anthropic.com/news/fable-mythos-access
[2] Semafor, “White House move to limit Anthropic linked to concerns about Chinese access to Mythos,” June 13, 2026. https://www.semafor.com/article/06/13/2026/white-house-move-to-limit-anthropic-linked-to-concerns-about-chinese-access-to-mythos
[3] Fortune, “A warning from Amazon led the White House to shut down Anthropic’s Mythos model,” June 14, 2026. https://fortune.com/2026/06/14/how-a-warning-from-amazon-led-the-white-house-to-shut-down-anthropics-mythos-model/
[4] TechCrunch, “Cybersecurity vets protest ‘dangerous’ US government ban on Anthropic’s most powerful models,” June 15, 2026. https://techcrunch.com/2026/06/15/cybersecurity-vets-protest-dangerous-us-government-ban-on-anthropics-most-powerful-models/
[5] freefable.org, “Open Letter on Transparent AI Cyber Protections,” June 14, 2026. https://freefable.org/
[6] CNBC, “Anthropic to meet with Trump administration over Mythos dispute,” June 15, 2026. https://www.cnbc.com/2026/06/15/anthropic-mythos-trump-ai.html
[7] Eastern Herald, “Security Executives Tell Lutnick to Free Fable. Some of Them Spent April Warning the World How Dangerous It Was,” June 15, 2026. https://easternherald.com/2026/06/15/security-executives-free-fable-anthropic-export-controls-lutnick-june-2026/
[8] Fortune, “Anthropic disables Fable and Mythos AI models following US export controls,” June 13, 2026. https://fortune.com/2026/06/13/anthropic-disables-fable-mythos-export-controls-national-security-threat/
[9] TechCrunch, “The US government’s Anthropic models ban was never about an AI jailbreak,” June 15, 2026. https://techcrunch.com/2026/06/15/the-us-governments-anthropic-models-ban-was-never-about-an-ai-jailbreak/