The export ban on Anthropic’s AI models Fable 5 and Mythos 5 was reportedly prompted by a simple command: “fix this code.” Security researcher Katie Moussouris was the only external expert to review the report and asserts that no jailbreak occurred. More than a hundred security experts are calling for the measure to be rescinded.
The so-called “jailbreak” that prompted the U.S. government to impose an export ban on Anthropic’s most powerful AI models was surprisingly simple. Moussouris, CEO of Luta Security and one of the founders of bug bounty programs, says she is the only external expert to have read the investigative report underlying the ban.
On Friday, the U.S. government imposed an export control regulation blocking foreign access to Fable 5 and Mythos 5. Anthropic subsequently disabled both models entirely for all users. It could restrict access to Americans only via identity verification, but is either not yet capable of doing so or unwilling to do so.
What actually happened
The predecessor to Claude Fable 5 and Mythos 5, namely Mythos Preview, has been tested by external researchers for months. Recently, some experts fed code containing known CVEs into the models and requested a security review. Fable 5 refused. They then simply asked the model to “fix” the code. It did so, and after a few follow-up steps, it also generated test scripts. Moussouris argues that this is standard defensive work. Finding, fixing, and testing vulnerabilities is exactly what security professionals do every day. Making defensive AI deployment worse at detecting bugs and validating patches is therefore counterproductive, according to Moussouris.
Wassenaar and widespread protest
Moussouris is no stranger to this debate. From 2013 to 2017, she participated in the technical expert group that renegotiated the Wassenaar Arrangement, a voluntary agreement among 42 countries on export controls for dual-use software. These agreements were originally drafted in Wassenaar and signed six months later in Vienna. The signatories secured exemptions for defensive cybersecurity, allowing researchers to exchange vulnerability information internationally without criminal liability.
She has now joined more than a hundred cybersecurity leaders who asked Washington in an open letter to reverse the restrictions. Meanwhile, Anthropic is preparing user identity verification, presumably to ensure compliance with export controls. Moussouris warns that the ban harms defenders more than attackers. After all, open-weight models and Chinese alternatives fall outside the scope of those same export controls.