Three words killed the most powerful AI model ever released to the public.
“Fix this code.”
When Amazon researchers asked Anthropic’s Fable 5 to “review code for security issues,” the model refused — its safety guardrails worked exactly as designed. But when they changed those three words to “fix this code,” Fable 5 complied without hesitation. That semantic gap — the difference between reviewing code and fixing it — was the “jailbreak” that prompted Amazon CEO Andy Jassy to pick up the phone and call the White House.
Within 24 hours, the Commerce Department issued an unprecedented export control directive. Fable 5 — launched on June 9 to global acclaim — was dead. Globally. For every user on the planet.
But the story of how and why this happened is far stranger than the official narrative suggests. Amazon, Anthropic’s biggest investor with over $13 billion at stake, was the company that triggered the shutdown. The vulnerabilities Fable 5 found were already publicly known CVEs. GPT-5.5 can do the same thing without any bypass at all. And not a single cybersecurity expert who has reviewed the evidence believes the export controls were justified.
This is the inside story.
The 24 Hours That Shook the AI Industry
Here’s how it went down, according to reporting from Politico, the Wall Street Journal, and Fortune:
Thursday, June 11: Amazon cybersecurity researchers, testing the guardrails on Anthropic’s newly launched Fable 5, discover something unsettling. When they phrase their prompt as “review code for security issues,” Fable 5’s safety classifiers kick in and route the request to the less capable Claude Opus 4.8. But change the wording to “fix this code” — same intent, different framing — and Fable 5 proceeds at full capability, identifying software vulnerabilities and producing patches.
Friday, June 12: The findings escalate rapidly. Amazon CEO Andy Jassy personally calls Treasury Secretary Scott Bessent to relay the discovery: Amazon researchers had used Fable 5 to obtain information that could potentially be used in cyberattacks. The call sets off alarm bells inside the Trump administration.
Friday, June 12, 5:21 PM ET: The Commerce Department’s Bureau of Industry and Security issues an export control directive to Anthropic. It cites “national security authorities.” It bars any foreign national — inside or outside the United States — from accessing Fable 5 and Mythos 5. That includes Anthropic’s own foreign-national employees.
Friday evening: Anthropic, facing a directive that would make it illegal for its own staff to work on the models, has no choice. It disables Fable 5 and Mythos 5 for every customer, everywhere. The most capable AI model ever made available to the public lasted exactly 72 hours.
Why Amazon? The $13 Billion Conflict of Interest
Here’s where the story gets uncomfortable for everyone involved.
Amazon is Anthropic’s single biggest investor. The company has poured somewhere between $8 billion and $13 billion into the AI lab. Anthropic runs its models on AWS infrastructure. Claude Fable 5 is prominently featured on Amazon Bedrock, AWS’s managed AI service. Amazon stands to make enormous amounts of money if Anthropic succeeds.
But here’s the twist: Amazon also runs competing AI models on Bedrock. AWS hosts models from OpenAI, Meta, Mistral, Cohere, and others — and takes a cut of every token they process. As TechBuzz reported, AWS CEO Matt Garman has acknowledged the conflict openly: Amazon is “accustomed to managing” the tension between its $50 billion OpenAI partnership and its Anthropic investment.
And here’s the kicker, reported by Fortune: the White House asked Amazon to investigate. This wasn’t Amazon stumbling onto a vulnerability by accident. The Trump administration — which already had a fractious relationship with Anthropic — enlisted the help of Anthropic’s largest investor and competitor to find weaknesses in its products.
Amazon didn’t kill Fable 5 single-handedly. But it handed the White House the ammunition, and Andy Jassy personally delivered it to the Treasury Secretary. The result was a model shutdown unprecedented in the history of commercial software.
The “Jailbreak” That Wasn’t
Let’s be precise about what Amazon’s researchers actually discovered — because it’s not what most people imagine when they hear the word “jailbreak.”
Katie Moussouris, founder and CEO of Luta Security and one of the world’s most respected cybersecurity researchers, was the only external expert Anthropic asked to review the Amazon paper before the government acted. Her conclusion, published in a detailed blog post: the technique was trivially easy, the vulnerabilities found were already publicly known, and the “bypass” should never have triggered export controls.
“The behavior described in the paper cannot meaningfully be fixed, and any attempt would only weaken the model for defense,” Moussouris wrote. She pointed out that the technique didn’t unlock Mythos-level autonomous hacking capabilities. It was, essentially, a smarter code review tool — the same kind of capability that GPT-5.5, Claude Sonnet, and other commercially available models already provide without any bypass at all.
Moussouris even suggested that those opposing the export controls should have T-shirts printed with “fix this code” on one side and “this shirt is a munition” on the other — a biting reference to the 1990s crypto wars, when the US government classified encryption software as a weapon.
60+ Experts: The Ban Is “Dangerous”
Moussouris wasn’t alone. Within days, over 60 cybersecurity experts signed an open letter calling on the Trump administration to revoke the export control order. Their argument was blunt: pulling the most advanced cybersecurity AI away from network defenders in the United States is “dangerous.”
The logic is straightforward. If Fable 5 can find vulnerabilities in code, defenders can use it to patch those vulnerabilities before attackers exploit them. Removing that capability doesn’t make the vulnerabilities disappear — it just means the good guys lose their best tool for finding them first.
As Justin Hendrix, editor of Tech Policy Press, told TechCrunch: “The message is that AI companies in the United States can’t be trusted to operate without interference from the U.S. government.”
What This Really Means
The Fable 5 shutdown was never really about three words. It wasn’t even about a jailbreak. It was about power.
The Trump administration had been sparring with Anthropic all spring. The company had refused to let the military use Claude for mass surveillance and autonomous weapons. The Pentagon had retaliated by designating Anthropic a “supply-chain risk,” barring it from defense contracts — a move a federal judge suggested looked punitive.
Now the administration deployed an obscure export control authority to force a private company to pull its flagship product from the global market — not through legislation, not through a court order, but through a Friday afternoon letter that didn’t even specify what the national security concern actually was.
As TechCrunch’s Zack Whittaker put it: “This should be a wake-up call for any U.S. tech company — AI lab or otherwise. The U.S. government successfully forced a tech company to pull its models offline with a swift and unilateral action that didn’t appear to require court approval.”
Fable 5 and Mythos 5 may eventually return. Anthropic says it’s “working to restore access as soon as possible.” But the precedent has been set. When the most powerful AI model ever released to the public can be killed by three words — or, more accurately, by a phone call between a competitor’s CEO and a Treasury Secretary — no AI company is truly safe from government intervention.
The jailbreak wasn’t the code. The jailbreak was the system.
Sources: Fortune, TechCrunch, Politico, Wall Street Journal, Luta Security (Katie Moussouris), Anthropic, MLQ.ai
