Researchers criticize limitations of Anthropic's Fable
Anthropic launched Fable, a public and limited version of its cybersecurity model, Mythos. But the reception was not so warm among researchers in the field. The restrictions imposed on Fable have generated discomfort. Valentina "Chompie" Palmiotti, a security researcher at IBM X-Force, commented that even simple tasks, like reading a blog post, are blocked. When a potential risk is detected, Fable interrupts the interaction and warns that the message was flagged for addressing cybersecurity or biology topics.
Anthropic's concern is understandable. They want to prevent Fable from being used to create malware or compromise software, a long-standing fear of the company. The restrictions in biology follow the same logic, to prevent the development of biological weapons. When Mythos was launched in April, it was restricted to a limited number of companies and organizations, part of Project Glasswing, which aimed to protect software and critical infrastructure. Recently, Anthropic expanded access to Mythos to hundreds of organizations in 15 countries.
Guardrails that cause friction
Even with good intentions, many experts still feel frustrated with how the restrictions are applied. Matt Suiche, a cybersecurity veteran, said that when asking Fable to write secure code, it assumes it is cybersecurity-related work, and not software engineering best practices. The result? You are downgraded. Fable, upon encountering an obstacle, defaults to Claude Opus 4.8. It seems everything revolves around keywords. Anything in the lexical field of "cybersecurity" sets off the alarms.
Another researcher complained on X that even asking for a code review triggers Fable's barriers. Anthropic has not yet responded to these comments. There is a program for cybersecurity professionals, the Cyber Verification Program. Those approved have fewer limitations when using Claude for cybersecurity work. OpenAI has something similar, called Trusted Access for Cyber.
Evolution of barriers
Suiche believes we are just at the beginning and that barriers will evolve over time. The idea is that, when making a release, it is better to catch more people than to let something important slip through. Over time, restrictions may be relaxed. He mentions that, as Anthropic and other frontier model companies collaborate with the new generation of cybersecurity companies, things should improve.










Comments (0)
Comments are moderated and if they violate our Terms and Conditions of use, the comment will be deleted. Persistence in violation will result in a ban of your account.