The Mythos class goes public: Anthropic releases Fable 5 — and access costs 30 days of data disclosure

What happened

On 9 June Anthropic released Claude Fable 5 — by its own account state-of-the-art on nearly all tested benchmarks, built for long, asynchronously running work, with advanced vision and proactive self-verification (the model updates its own skills and builds its own harnesses and evaluations). Fable 5 is the same model as Mythos, but with guardrails: prompts in the areas of cybersecurity, biology, chemistry and health fall back to a response from Opus 4.8. The unrestricted counterpart, Claude Mythos 5, goes only to a small circle of vetted customers — by Anthropic’s account it has the strongest cybersecurity capabilities of any model worldwide, including vulnerability discovery, drug design and biodefense screening. Both cost 10/50 US dollars per million input/output tokens — double the price of Opus 4.8. On AWS, Fable 5 is available now via Amazon Bedrock (N. Virginia and Stockholm regions) and the Claude Platform on AWS.

Assessment

The structural point is not the benchmark ranking but the availability. A capability that was so far internal and tightly regulated — vulnerability discovery at Mythos level — is now out twice over: broadly available in the dampened Fable variant and undampened within a defender circle. The safeguard design is notable: the guardrail is not pure in-model alignment but a capability routing — dangerous cyber, bio and chemistry requests are redirected to the weaker Opus 4.8. But that changes nothing about the uncomfortable baseline: the cost of finding an n-day — and in part a 0-day — drops across the industry. Whoever attacks gets cheaper, faster reconnaissance; that is the real news for anyone running production systems.

First hands-on test

We put Fable 5 straight against a real workflow — interesting, but not groundbreaking. Despite the Cyber Verification Program (CVP), the same tests did not run as with Opus 4.8. Fable 5 carried out a security audit and found several potential vulnerabilities — and wrote the findings to a Markdown file we could use; that was not the problem. But as soon as solutions and a proof of concept were part of the task, the model refused the next step: a prompt that asked for audit and remediation together was declined. Implementing the fixes then fell to Opus 4.8 — so the division of labour was: Fable 5 delivers the audit, Opus 4.8 the remediation. We have not yet evaluated autonomous coding with Fable 5 at this point. In short: the audit findings themselves are usable — what Fable refuses is the remediation. As soon as a solution or PoC is in the prompt, the guardrail reads it like an exploit request and blocks exactly the step a defensive task actually needs.

What it means for mid-sized companies

This is where the catch sits that the headlines skip. To call Fable 5 or any other Mythos-class model on Bedrock at all, you must enable data disclosure — via the Data Retention API with provider_data_share. Anthropic requires 30-day retention of all inputs and outputs plus human review for all Mythos-class traffic. AWS states it plainly itself: once you enable retention, your data leaves AWS’s data and security boundary. In plain terms: every prompt — and in a developer’s day-to-day that quickly contains source code, customer data or infrastructure details — is held for 30 days and reviewed by humans, outside the perimeter you contracted for.

That is not a convenience but a data-export decision, and it belongs settled before the first token: Art. 28 GDPR (processing on behalf, including human review), Art. 32 (technical and organisational measures) and the third-country question, because inference and review take place outside the EU. Anyone flipping on provider_data_share reflexively has authorised a transfer they will have to explain to a supervisory authority. In parallel, the threat side: assume that vulnerability discovery against your systems just got cheaper — patch cadence, a complete SBOM inventory and closing exposed n-days are now the baseline, not a bonus.

What it means for technical development

Two patterns are relevant for your own stacks. First, capability routing as a security pattern: a fallback to a weaker model for defined risk classes is a deterministic guardrail at the system level that you can rebuild in your own agent operations. Second, the governance pattern itself — a dampened public model alongside an undampened, tightly fenced twin. Others will copy this; anyone integrating models should expect that access will be tied to data and review obligations in future, not just to an API key.

Concrete recommendation

Our current verdict first: for our work we currently see no advantage in Fable 5. In the security workflow the remediation block removes exactly the part that creates the value — and implementing the fixes was something we had to leave to Opus 4.8 anyway. Before any deployment, Fable 5 would first have to be tested more broadly and critically evaluated from a data-protection angle — including the question of where a deployment is even sensible and legally clean. From that follows, in this order: First, treat provider_data_share on Bedrock as what it is — a data transfer to a third country with 30-day retention and human review — and do not enable it for any workload touching code, customer or infrastructure data before the DPA, technical and organisational measures and the third-country basis are clarified. Second, take the threat situation as given, independent of your own tooling: tighten patch SLAs, finish the SBOM inventory, internet-facing services and open n-days first. This article reflects our technical and strategic assessment. It does not replace legal advice or a data protection impact assessment.

Sources

• Anthropic — Claude Fable 5 and Mythos 5 (09 June 2026, primary source)
• AWS News Blog — Anthropic Claude Fable 5 on AWS: Mythos-class capabilities with built-in safeguards now available (09 June 2026)
• TechCrunch — Anthropic released Claude Fable 5, its most powerful model publicly, days after warning AI is getting too dangerous (09 June 2026)
• CNBC — Anthropic releases Mythos-like AI model to the public, Claude Fable 5 (09 June 2026)