For makers and artists, the arrival of new generative models means navigating a landscape where powerful tools are deliberately shackled to prevent misuse. On Tuesday, Anthropic unveiled Claude Fable 5 for public use and Claude Mythos 5 for a select circle of industry partners. These models boast capabilities surpassing the Mythos Preview released in April, yet their launch was delayed by fears that bad actors could weaponise them to build hacking tools that would outpace defenders.
A split release strategy
Access to Claude Mythos 5 remains restricted to a limited group of industry partners, many of whom were granted early access to the April preview. Anthropic states it is working closely with the US government to manage this rollout.
In contrast, Claude Fable 5 is available to the public. While it relies on the same underlying architecture as Mythos 5, it comes with strict guardrails. At launch, the model will refuse to answer questions related to cybersecurity, biology, and chemistry, instead rerouting these queries to the older Claude Opus 4.8. Furthermore, if Anthropic detects an attempt to distil the model—training a smaller AI on its responses—those requests will also be diverted to the older version.
Defining the boundaries
Diane Penn, Anthropic’s head of Product Management, told WIRED that the company has wrestled with how to manage Mythos’s vulnerability-discovery powers since before its April debut. Testing and feedback from users since then helped refine their approach.
“We’re trying to make improvements in a way that’s beneficial, even if we don’t have the perfect [solution] for every use case to start,” Penn says. “Out of all the different approaches, this emerged as the most viable and the best one. We just ended up feeling like this was the best product choice for users to get the maximum value out of Fable 5.”
Penn notes that the current protective mechanism errs on the side of caution. This means some harmless queries may be sent to the less capable Claude Opus 4.8. While Anthropic aims to sharpen its classifiers over time, Penn insists this cautious approach was the only safe method for a broad release at this moment.
Exclusive access and future threats
Beyond the Project Glasswing partners, Anthropic is granting access to select biology researchers. The blog post accompanying Tuesday’s launch notes that these small groups receive unrestricted versions “until our trusted access program is available,” suggesting future expansions. Since April, Anthropic has warned that competitors in both private and open-weight spaces will inevitably release models with Mythos-level capabilities.
The ability of models like Claude Mythos to design hacking tools for both new and legacy software has forced tech firms and governments to harden their defences before such power is widely accessible. Project Glasswing was established to give members a head start in securing their own systems and developing global solutions before a wider release.
In a recent update on Project Glasswing, Anthropic stated: “We’re working as quickly as we can to safely release Mythos-level capabilities in general access. To do so, we’ll need highly robust safeguards that prevent the model’s cyber capabilities from being misused—safeguards that we (and, to our knowledge, all other AI developers) have yet to develop.”
The cost of caution
Claude Fable 5, named after the literary form much like Anthropic’s Haiku, Sonnet, and Opus, promises improved performance in software engineering and visual understanding tasks. However, this power carries a premium. Developers will pay $10 per million input tokens and $50 per million output tokens. This is double the cost of Anthropic’s standard public models, though cheaper than the Mythos Preview.
The restricted nature of the public release highlights a business tension: Anthropic wants to generalise these models before the industry fully resolves the associated cybersecurity risks. In April, OpenAI similarly launched a private model with advanced cybersecurity features and formed a working group akin to Project Glasswing. Both companies have confidentially filed for IPOs and are racing to impress investors before becoming public entities later this year.
Even as an interim measure, the resilience of Claude Fable 5’s safeguards in real-world scenarios remains to be tested. Anthropic reports that over 1,000 hours of red-teaming found no universal jailbreaks. Nevertheless, the underlying fears about the adequacy of protection measures persist, echoing the reasons for withholding Mythos-class models from the public in April.
Key takeaways
- Claude Fable 5 is the public version of the powerful Mythos 5 model, but it includes guardrails that block queries on cybersecurity, biology, and chemistry, rerouting them to the older Opus 4.8.
- Access to the unrestricted Claude Mythos 5 is currently limited to Project Glasswing partners and select biology researchers, with collaboration ongoing with the US government.
- Developers using Claude Fable 5 will pay double the standard rate, at $10 per million input tokens and $50 per million output tokens.
- Anthropic faces pressure to release these capabilities broadly before competitors do, despite ongoing concerns about the ability to build robust safeguards against misuse.
Stay ahead of AI. Get the most important stories delivered to your inbox — no spam, no noise.
