Analysis
On 9 June 2026, Anthropic put out two models at once. One of them got all the attention. The other was easy to miss.
Claude Fable 5 was the headline: Anthropic's most capable widely released model, built for heavy reasoning and long agentic tasks (Anthropic). Claude Mythos 5 arrived next to it with far less noise, available only to approved partners. Three days later, on roughly 12 June, the US Commerce Department issued an export directive and Anthropic pulled both models worldwide (National Law Review).
Here is the part worth getting straight, because a lot of the early commentary got it backwards. Mythos 5 is not the locked-down, extra-cautious version of Fable 5. According to Anthropic's own model docs, Fable 5 ships with the safety classifiers that can decline requests. Mythos 5 has those classifiers stripped out, with some cyber and bio safeguards lifted, for a short list of vetted security and government partners. So Mythos 5 is the less restricted, higher-risk model, not the safer one.
For an Australian business team, the practical takeaway is simple. Neither model is something you can sign up for today. But the story behind them tells you a lot about where AI procurement, safety claims, and government oversight are heading, and that is worth understanding before you bet a workflow on any frontier model.
When Anthropic announced both models on 9 June 2026, most coverage fixed on Fable 5 and skipped past Mythos 5. The quiet release was deliberate. Mythos 5 was offered through Project Glasswing, Anthropic's gated channel for cybersecurity organisations, critical-infrastructure operators, government partners, and select life-sciences researchers, rather than through the normal public product pages.
One detail that circulated early does not hold up: the idea that Mythos 5 had "no pricing page" and lived only behind a generic research programme. Both models share the same published specs and the same documented pricing, and both carry 30-day data retention as Covered Models (Claude API Docs). The difference between them is the safety layer, not the price tag.
The two models share the same underlying model and capabilities. Where they part ways is the classifier stack (Anthropic). Fable 5 keeps the request-declining safeguards. Mythos 5 has them removed for its vetted audience. Some early write-ups claimed Mythos 5 refuses roughly 3.4 times as many prompts as Fable 5 on sensitive queries. That figure is unconfirmed, appears in no Anthropic material, and points the wrong way: with the classifiers removed, Mythos 5 should refuse fewer prompts, not more.
Why Two Models?
Anthropic's choice to ship a pair reads as a bet that the market is splitting in two. One side wants maximum capability with as few guardrails as possible. The other needs systems it can document, audit, and defend to a regulator.
That maps onto the two models, though not the way some early takes had it. Fable 5 is the broadly available, classifier-equipped model for general demanding work. Mythos 5, with safeguards lifted, goes to a narrow set of vetted partners doing security and critical-infrastructure work where having the brakes off is the point (Anthropic, Claude Mythos). Note that the original framing had this inverted, treating Mythos 5 as the "demonstrably safe compliance model." It is closer to the opposite: it is restricted precisely because its high-risk capability is exposed.
Running two near-identical models also gives Anthropic data on what the safety layer actually costs in practice. One claim doing the rounds put the gap at 1.2 percentage points on MMLU-Pro and about 4.7% on coding benchmarks. Those numbers are unconfirmed and look invented. Anthropic states the two models share the same capabilities and specs, with Mythos 5 simply lacking the classifiers, so there is no documented capability gap to measure (Claude API Docs).
The Mythos 5 Safety Architecture
A detailed "three-layer safety system" was attributed to Mythos 5 in early accounts: an "adversarial deliberation" constitution where the model debates safety and capability personas before answering, a real-time monitor checking the full prompt-and-output pair, and a cryptographic provenance log stamped onto every API response for audit trails.
None of that is supported. No Anthropic source or news coverage describes any of these mechanisms, and the figures attached to them, such as a 23% inference overhead and a 7.2x reduction in harmful outputs, appear nowhere. They look fabricated. The reality runs the other way: Mythos 5 has fewer safety controls than Fable 5, not a stack of extra ones, because its classifiers were removed for vetted partners (Claude API Docs).
So if you read claims about Mythos 5's elaborate guardrails, treat them with caution. The documented design point is the absence of the standard classifiers, not their reinforcement.
What the Fable 5 Ban Means for Mythos 5
The export action did not single out Fable 5. The Commerce directive covered both models, and Anthropic suspended both worldwide because it cannot verify a user's nationality in real time (MarkTechPost). This was reportedly the first time the US applied export controls to an AI model itself rather than to chips, and it followed concerns about a jailbreak that bypassed safeguards around finding cybersecurity vulnerabilities (National Law Review).
Because the two models share a base, controls on one effectively reach the other. One detail from the early version, that existing research partners kept "grandfathered" access while new access was paused, is not borne out by the reporting. Anthropic disabled both models for all customers globally, not just new ones.
There was also a claim that several AI safety researchers wrote to the Commerce Department arguing that restricting these models while less-safe international options stay available is counterproductive. That letter campaign is unconfirmed; no source documents it. What is on record is that Anthropic itself disagreed with the directive publicly, arguing the jailbreak in question was narrow and could be reproduced on other public models.