In partnership with
The government switched off the best AI model in the world, and the letter didn't say why.
Last Friday at 5:21pm ET, Anthropic got a directive from the US Commerce Department. By the time most of the East Coast was logging off, Fable 5 and Mythos 5, its two most capable models, were dark. Not deprecated. Not rate-limited. Off. Three days after Fable 5 launched, the government reached into prod and pulled the plug.
The mechanism was an export control. The letter, per Anthropic, "did not provide specific details" of the national security concern. The scope is the part that made me sit up: the order bars access by any foreign national, not just people overseas, but foreign nationals inside the US, including Anthropic's own non-citizen employees. There is no clean way to enforce "everyone except green-card holders can use this API," so Anthropic did the only thing it could. It turned the whole thing off for everybody.
I've stared at this all weekend trying to decide who's right. I can't. But the two sides are far apart, so let me lay them out.
Sacks says Anthropic picked the product over safety.
Here's the government's version, mostly from David Sacks, the administration's AI guy, on X. Fable is just Mythos with guardrails, he says, so a jailbreak hands Mythos's cyber capabilities to people who shouldn't have them. A "trusted partner of both Anthropic and the US government" found exactly that bypass in Fable 5. The administration asked Dario Amodei to fix it or pull it. He refused. "The ball is in Anthropic's court."
Politico reconstructed the 24 hours, and it sharpens the government's side. Amazon's Andy Jassy flagged the jailbreak on Thursday. By Friday afternoon Amodei, pulled out of a wellness retreat, was on three tense calls with Bessent, Lutnick, and others, defending his guardrails and drawing the universal-versus-narrow line. They weren't buying it. One official said Amazon's findings were run past the NSA, who "felt they had proof," and tied the urgency to suspicion that a China-linked group had touched Mythos. Bessent told Amodei flatly he was making a "bad decision." He still wouldn't pull the model, so the controls landed that night. "Export controls were a last resort after begging them for hours to work with us," a senior official said.
Anthropic says it was a narrow bug that every model has.
Now Anthropic's version, which is where my engineer brain starts itching. The company says the jailbreak it was shown is "narrow, non-universal," and that it "essentially consists of asking the model to read a specific codebase and fix any software flaws." If that sounds familiar, it should: that's just Mythos doing the vuln-hunting thing I wrote about in April. Anthropic says other public models, GPT-5.5 included, do the same trick without any bypass at all. No red-teamer has found a universal jailbreak. Their line: "We disagree that the finding of a narrow potential jailbreak should be cause for recalling a commercial model deployed to hundreds of millions of people."
And on China? Anthropic says the White House never raised Chinese access during the jailbreak conversation. Semafor admits "it's unclear how the White House learned of the issue, which organization accessed the model, and how it gained access." So the scariest part of the story, the foreign-adversary part, is the part with the least evidence behind it.
Neither side is really fighting about the jailbreak.
This clicked once I read it as a standoff, not a safety story. Anthropic refusing to patch on demand looks insane. You're poking the one player who controls your export licenses and federal contracts, in a game you'll replay forever. But the bug was never the prize. The precedent was. Patch the second the government points, and you've blessed a rule where a model dies on an unaudited say-so with no evidence shown. That rule is fatal to a frontier lab, so they ate a dark flagship to refuse it.
The government swung an oversized hammer for the same reason. Barring every foreign national, their own employees included, was blunt on purpose. It's a resolve signal aimed at OpenAI and Google, not really at Anthropic. And export controls were the weapon of choice because "national security" lets you act on proof you never have to show, NSA review or not.
So it's a game of chicken. Both sides eat damage, both wait for the other to blink, and whoever needs Fable back less wins. The government is betting it holds enough future chips, licenses, contracts, the regulatory roadmap, that Anthropic folds first.
And it's not a one-off. Chamath Palihapitiya called this the second Anthropic-versus-Washington blowup in 90 days, with Dario as the out-of-band actor whose every clash resolves to "someone's lying, and it isn't me." The worry is the next round. When Anthropic ships its next super-brain, does a CEO this sure of his read cooperate, or route around the government with the most powerful tool on the board?
The scary part isn't the bug. It's how easy the off switch was.
Here's what keeps me up, and it's not whose jailbreak claim is true. It's that the off switch worked, fast, on a justification we can't audit.
Think about it from a cap table. Some seed-stage founder spent six months building on Fable 5, their whole moat being early access to the best model. That moat evaporated because of a letter they will never read, citing a vulnerability they can't evaluate, naming a threat actor nobody has confirmed exists. That's not platform risk in the old sense, where the platform changes its pricing or its terms. That's geopolitical risk wired directly into your tech stack, with a kill switch held by people who don't have to show their work.
And the bitter irony, which Sacks pressed and the researcher Peter Girnus put best, is that Anthropic "wrote the legal predicate themselves." This is the safety company. For years they told everyone, sincerely, that Mythos was powerful enough to be a cyberweapon that needed regulating. They built the whole brand on it. So Sacks quoted Anthropic back to itself: you called it dangerous, asked to be regulated, now patch it. You don't get to spend years saying "this thing is too dangerous to release carelessly" and then act shocked when the state takes you literally. Dean Ball called the move "cartoonish." Maybe. But the script was co-written.
So is the government overreaching? My gut says yes, an unaccountable shutdown on unverifiable grounds should scare you however the jailbreak claim shakes out. But I keep flipping it over. If a frontier model really had been compromised by a hostile state, would I want them to wait for a press-ready evidence package first? I genuinely don't know. What I do know is that the precedent now exists, the tooling works, and it took one afternoon.
I came into this week thinking I'd write a tidy "the feds went too far" piece. I can't, quite. The bug is real, the threat is blurry, and the switch is clearly load-bearing now. If you're building on someone else's model, that switch is on your cap table too, whether you priced it in or not. I sure hadn't.
— SWEdonym
Build the AI skills senior engineers need to get ahead
AI is already handling large parts of execution. That shift is not coming later. It is happening now.
What is left, and becoming more valuable, is the ability to design systems, apply AI thoughtfully, and own outcomes in production. That is the work strong teams expect from senior engineers in 2026.
Gauntlet is built for engineers who want to operate at that level. In a single week, 15 hiring partners conducted 246 interviews with challengers onsite in Austin. Apply now.
Must be a US citizen to qualify.