Anthropic ships Claude Fable 5: a capable model behind a safety curtain

Anthropic launched Claude Fable 5 on Tuesday, a Mythos-class model it has made safe enough for general use. The company calls it the most capable model it has ever released broadly, and the benchmarks back that up: state-of-the-art scores on software engineering, vision, knowledge work, and scientific reasoning. But the release comes with a structural compromise. Fable 5’s safeguards mean that queries on certain sensitive topics — cybersecurity, for example — are silently rerouted to a less capable model, Claude Opus 4.8. The safety curtain that lets Anthropic ship Fable 5 to everyone also defines its limits.

The model is the same underlying architecture as Claude Mythos 5, a restricted variant Anthropic is making available only to a small group of cyberdefenders and infrastructure providers through Project Glasswing, in collaboration with the US government. Mythos 5 has the safeguards lifted in some areas and, Anthropic says, has the strongest cybersecurity capabilities of any model in the world. The two models are identical under the hood. What differs is the permission boundary.

That boundary matters because Fable 5’s capabilities are genuinely new. On software engineering, Stripe reported that the model compressed months of engineering into days, performing a codebase-wide migration in a 50-million-line Ruby codebase in a day that would have taken a full team over two months by hand. On Cognition’s FrontierCode evaluation, which tests whether models can pass difficult coding tasks while meeting production-codebase standards, Fable 5 scores highest among frontier models, even at medium effort. On Hebbia’s Finance Benchmark for senior-level reasoning, it has the highest score of any model. And on vision tasks, it can rebuild a web app’s source code from screenshots alone.

The model also shows a step change in autonomous, long-horizon work. It beat the game Pokémon FireRed with a minimal, vision-only harness — no maps, no navigation aids, no extra game-state information. Earlier Claude models needed a complex helper harness to play the same game. When playing the deck-building game Slay the Spire, giving Fable 5 access to persistent file-based memory improved its performance three times more than for Opus 4.8, and Fable reached the game’s final act three times more often.

The most striking results come from Mythos 5 in scientific research. Anthropic’s internal protein design experts used Mythos 5 to accelerate aspects of the drug design process by around ten times. In one example, the model matched or beat skilled human operators, executing all the tasks a scientist normally completes: choosing binding sites, selecting and running protein design tools, and recovering from failures along the way. Nine of 14 protein targets from that study yielded strong candidates for drug design that Anthropic is now investigating.

Mythos 5 also produced novel, compelling scientific hypotheses. In blinded head-to-head comparisons against Opus-class models, Anthropic’s scientists preferred Mythos’s molecular biology hypotheses roughly 80 percent of the time, and have advanced several to experimental evaluation. One Mythos hypothesis — a novel mechanism for an E. coli protein — was independently corroborated by a lab working on the same problem. And in genomics, Mythos 5 conducted over a week of largely autonomous work, assembling single-cell data for millions of cells spanning 138 animal species, designing and training a custom machine learning model that outperformed a recent model published in the journal Science, despite being 100 times smaller.

These are not incremental gains. They represent a qualitative shift in what a model can do without human intervention. And they raise the question of what Fable 5’s guardrails are actually protecting against.

Anthropic says the safeguards are tuned conservatively, triggering in less than 5 percent of sessions. But that 5 percent covers the model’s most dangerous capabilities — the ones that make Mythos 5 valuable to cyberdefenders. The company is explicit about the tradeoff: “Without safeguards, Fable 5’s capabilities in areas like cybersecurity could be misused to cause serious damage.” The solution is to let Fable 5 answer most queries, but route the most sensitive ones to a model that is less capable and therefore less dangerous.

This is a defensible approach. It is also a fragile one. The guardrails depend on a classifier that decides which queries are sensitive. That classifier will make mistakes — false positives that frustrate users, and false negatives that let dangerous queries through. Anthropic acknowledges the false positives are a problem. “They’ll sometimes catch harmless requests,” the company says, and it is working to reduce them. But the false negatives are the ones that keep safety researchers up at night.

The pricing is notable. Fable 5 and Mythos 5 are offered at $10 per million input tokens and $50 per million output tokens — less than half the price of Claude Mythos Preview. Anthropic is betting that lower prices will drive adoption, which will generate the usage data needed to improve the guardrails. That is a reasonable bet, but it also means the model’s safety properties will be stress-tested in production, not in the lab.

For AI builders, Fable 5 is the most capable model they can deploy without special government clearance. For tasks that do not touch the guardrails, it is a significant upgrade over Opus 4.8 — faster, cheaper, and better at long-horizon tasks. For tasks that do touch the guardrails, the model silently degrades to Opus 4.8, and builders may not know why their results are worse.

The real test of Fable 5 is not whether it beats benchmarks. It is whether the guardrails hold up under real-world use, and whether Anthropic can narrow the gap between what Fable 5 can do and what Fable 5 is allowed to do. The company has shipped a remarkable model behind a safety curtain. The question is how long the curtain stays up.