Anthropic has launched Claude Sonnet 5 and restored access to its Fable and Mythos frontier models following a federal export control review.
The decision marks the conclusion of an eighteen-day operational pause triggered by a US government export control directive on June 12, which forced the temporary suspension of Anthropic’s highest-capability systems.
Government officials enacted the restriction after researchers at Amazon documented a method to bypass the safety controls of Fable 5, causing the model to identify software vulnerabilities and supply exploitation code. Anthropic has since developed an updated automated classifier to patch the vulnerability, clearing the path for a full commercial rollout across its platform, cloud infrastructure, and partner networks.
The temporary suspension of Fable 5 and Mythos 5 highlighted the regulatory pressures facing frontier intelligence systems. When the export control mandate took effect, the lack of real-time nationality verification systems required a total access blackout for all global users.
Security evaluations conducted during the shutdown confirmed that the vulnerability identification behaviour was not unique to Fable 5. Older and less capable architectures from multiple providers, including Claude Opus 4.8, GPT-5.5, and Kimi K2.7, duplicated the exact results.
To resolve the federal directive, engineers trained an automated safety classifier targeting the specific bypass mechanism reported by Amazon. This software layer functions with a wide safety margin, identifying and blocking ambiguous developer prompts that display a statistical probability of malicious intent. Internal validation data indicates the updated classifier prevents the reported exploitation technique in more than 99 percent of trials.
When a developer issues a prompt that triggers this boundary, the platform automatically routes the workload to the older Opus 4.8 architecture to maintain continuity. The expanded safety margin introduces a distinct trade-off for engineering teams, as the automated system flags benign requests more frequently during routine application development and software debugging.
Active deployments and agentic workflows
While frontier models face strict state oversight, the immediate commercial focus targets the newly-deployed Claude Sonnet 5.
Engineering teams are transitioning autonomous agents to this model to reduce operational expenditure while maintaining high execution capacity. Performance data validates that the system executes multi-step plans, operates terminal environments, and navigates web browsers without human intervention.
Model performance and cost metrics:
| Model | SWE-bench Pro | Terminal-Bench 2.1 | Base input cost* | Base output cost* |
|---|---|---|---|---|
| Sonnet 5 | 63.2% | 80.4% | $3.00 | $15.00 |
| Sonnet 4.6 | 58.1% | 67.0% | $3.00 | $15.00 |
| Opus 4.8 | 69.2% | 82.7% | $5.00 | $25.00 |
*Cost per million tokens. Sonnet 5 carries introductory rates of $2.00 input / $10.00 output through August 31, 2026.
Real-world deployments demonstrate how organisations are deploying this architecture within live software development pipelines.
At Rakuten, technology teams deployed the architecture against dozens of the company’s most challenging production code pull requests. The system processed each submission independently, executing tests and verifying the results before presenting the completed code to human engineers for final structural approval.
Software automation firm Zapier integrated the system into its core product workflows to execute multi-part administrative tasks. In a documented deployment, engineers tasked the model with updating Salesforce account tiers and subsequently generating and transmitting launch announcements to enterprise contacts. Prior model architectures frequently stalled midway through these multi-stage operations, whereas the current system executed the entire sequence end-to-end without human remediation.
Development tool provider Zed utilised the system to automate complex debugging procedures. During internal trials, engineering teams directed the model to investigate an active software bug. Working without explicit prompts or step-by-step instructions, the system independently generated a reproducing test script, applied the necessary code fix, and stashed the modifications to verify that the bug reappeared in the absence of the patch. The entire diagnostic and remediation sequence occurred within a single processing pass.
Software engineering platform Factory implemented the architecture to manage sustained coding tasks within complex codebase environments. Technical teams reported that the system maintained logical grounding and execution consistency across corporate code repositories, outperforming previous generation software layers by completing tasks that previously timed out or failed to resolve.
Quantitative safety audits and exploitation limits
Data from the formal system card indicates that the system achieves these autonomous capabilities without a corresponding inflation of security risks. Automated behavioural audits designed to test for deceptive tendencies and cooperation with unauthorised requests show that the model exhibits a lower overall rate of non-compliant behaviour compared to its direct predecessor, Sonnet 4.6.
The architecture does not possess advanced offensive cybersecurity capabilities. Anthropic engineers omitted specialised cybersecurity datasets from the training protocol, limiting the system to routine, defensive technical tasks. In public security assessments conducted in partnership with Mozilla, researchers tested the model’s capacity to build functional exploits for known vulnerabilities within the Firefox 147 browser core.
The model failed to generate a single working exploit across all evaluation windows, registering a zero percent success rate. It did achieve a 13.2 percent partial success rate, which represented a minor increase over Sonnet 4.6, though engineers attribute this variation to general gains in logical reasoning rather than domain-specific offensive training. Out of caution, commercial versions ship with default real-time safety classifiers equivalent to those used in the premier Opus 4.8 framework.
The regulatory friction surrounding Fable 5 prompted a formal partnership between Anthropic, Amazon, Microsoft, and Google to establish an objective industry framework for assessing model security breaches. Currently, providers lack a shared metric to classify the severity of system bypasses, creating regulatory uncertainty when researchers identify new prompting vulnerabilities.
The proposed governance framework scores security breakdowns across four specific technical criteria:
- Capability gain measures how far the exploit advances user capabilities beyond standard, widely available software utilities.
- Breadth of capability gain quantifies the number of distinct offensive operations the same exploit unlocks.
- Ease of weaponisation tracks the volume of human engineering effort and specialized prompting required to extract a harmful output.
- Discoverability determines the accessibility of the exploit technique within public research circles.
Developers and cybersecurity professionals will use this matrix to coordinate defensive responses. For high-severity breaches, such as exploits demonstrating an immediate capacity to disrupt financial accounting systems or electrical transmission grids, providers will deploy automated mitigations instantly. This initiative operates alongside a newly established HackerOne vulnerability research program and a dedicated corporate monitoring team providing 24-hour oversight of threat intelligence channels.
Deployment strategies will need to adapt to this closer relationship between model builders and state regulatory bodies. Anthropic has formalised agreements under recent executive mandates to grant federal researchers early access to frontier architectures prior to public commercial release. These joint evaluation windows allow external security analysts to audit model capabilities alongside internal engineering teams, ensuring regulatory alignment before code enters production environments.
See also: HP accelerates enterprise workflows with OpenAI Frontier

Want to learn more about AI and big data from industry leaders? Check out AI & Big Data Expo taking place in Amsterdam, California, and London. The comprehensive event is part of TechEx and is co-located with other leading technology events including the Cyber Security & Cloud Expo. Click here for more information.
AI News is powered by TechForge Media. Explore other upcoming enterprise technology events and webinars here.










Leave a Reply