Secretary of Commerce Howard Lutnick’s export-control directive
The Commerce Department, in a letter from Secretary of Commerce Howard Lutnick to Anthropic Chief Executive Dario Amodei, ordered the company to immediately suspend foreign access to Fable 5 and Mythos 5, Anthropic’s two most advanced models. The directive placed those models under export controls that bar use by foreign nationals whether inside or outside the United States, and it explicitly covered foreign-born Anthropic employees. Because of that scope, Anthropic disabled the two models Friday evening to ensure compliance. The company said access to its other AI models was not affected.
What the government described — and what Anthropic says it showed
The Commerce Department’s letter did not detail the specific national security concern. In a blog post, Anthropic said its understanding was that the government had become aware of a technique for “jailbreaking” Fable 5 — a term used for methods that attempt to circumvent a model’s built-in safety guardrails. Anthropic said the government provided only verbal evidence of what it described as a “narrow, non-universal jailbreak,” which the company summarized as prompting the model to read a specific codebase and identify software flaws.
Anthropic disputed the severity of the finding. The company said it reviewed a report it believes formed the basis of the government’s directive and concluded the demonstrated capabilities were already available in other publicly accessible models, including OpenAI’s GPT-5.5. Anthropic added that those same capabilities are routinely used by cybersecurity professionals for defensive purposes.
Fable 5, Mythos 5 and Project Glasswing
Fable 5 and Mythos 5 had been released earlier in the week; Anthropic described them as the most capable systems it had ever deployed. Mythos 5 was available to members of Project Glasswing, a program that allowed selected cybersecurity companies to use the model to identify and address security flaws. The Commerce Department action left it unclear how Project Glasswing — and members of that program — would be affected. Separately, the company acknowledged that the National Security Agency had been given Mythos 5 to conduct offensive cyber operations.
Industry signals: technical framing and political reactions
Technical and policy voices reacted sharply. Katie Moussouris, chief executive of Luta Security, wrote on BlueSky that the issue stems from “Defense Oriented Prompting,” a security-first method of engineering AI system instructions that treats natural language as code. Other reports attributed the flag to Amazon; Amazon did not respond to CyberScoop’s request for comment. Anthropic acknowledged that perfect jailbreak resistance is not achievable for any model provider and described Fable 5’s protections as a “defense in depth” approach combining narrow jailbreak resistance with active monitoring. The company said no testers had found a universal jailbreak capable of broadly bypassing the model’s safeguards.
Reactions to the government’s move split along interpretive lines. Dean Ball, a senior fellow at the Foundation for American Innovation, called the action “baffling.” Chris McGuire, a senior fellow at the Council on Foreign Relations, said targeted export controls could be legitimate in principle but described the across-the-board restriction as “highly questionable” and the deemed export provisions — which restrict foreign nationals inside the U.S. — as “just absurd.” Aaron Levie, chief executive of Box, called the directive “a big turning point for AI regulation,” arguing that deeming specific models too powerful for certain uses establishes a consequential precedent. By contrast, the Department of Defense chief information officer, Kirsten Davies, posted on X that she and other tech leaders “fully support @POTUS and @SecWar in prioritizing national security” and framed the decision as protecting critical interests.
What this means for cybersecurity teams, policymakers, and foreign nationals
- Cybersecurity teams: Anthropic and others contend the capability at issue — having a model read code and identify flaws — is already in public models and used defensively; teams that rely on such models may face sudden disruption if access policies change.
- Policymakers and regulators: The Commerce Department’s use of export controls to restrict model access establishes a tool that some analysts view as legitimate but others view as sweeping; the action highlights choices about scope, transparency, and how evidence is presented to companies.
- Foreign nationals and foreign‑born employees: The directive’s deemed-export provisions explicitly extend to foreign nationals both outside and inside the United States, a constraint that prompted Anthropic to disable the models in order to comply.
Anthropic said it believes the situation stems from a misunderstanding and is working to restore access as soon as possible. The Commerce Department provided no public technical detail in its letter, and the government’s verbal presentation of the alleged jailbreak — described by Anthropic as “narrow” and “non-universal” — has left observers debating whether the response matched the risk. The episode follows earlier friction between Anthropic and the Trump administration, including a February move by President Donald Trump to bar Anthropic products from federal agencies and a more recent executive order directing federal agencies to bolster cyber defenses and create a voluntary mechanism for early government access to powerful models.
The immediate outcome is concrete: two models taken offline for foreign users and for foreign‑born employees. The broader outcome is now political and procedural — a test case of how export controls and classified or verbal technical findings can shape the public availability of frontier AI systems.
