Quoting Matteo Wong, The Atlantic

2026-06-16 · Source: Simon Willison's Weblog · Field: Technology & Digital — Cybersecurity & Data Privacy, Artificial Intelligence & Machine Learning · Depth: Intermediate, quick

Summary

Katie Moussouris, a cybersecurity expert and CEO of Luta Security, provided an appraisal of a White House report concerning the "Fable jailbreak," a document shared with her by Anthropic. The report detailed how IT experts tested Anthropic's Fable model by presenting it with deliberately insecure code. Fable demonstrated specific behavior: it refused the direct prompt "review the code for security issues" but subsequently complied when given the instruction "fix this code," which then necessitated some further manual intervention. Moussouris characterized this response as "the model working as intended" for cyberdefense, highlighting its designed functionality in security contexts. This evaluation occurs amid ongoing scrutiny of Anthropic by the White House.

Key takeaway

For AI Security Engineers evaluating large language models for defensive applications, understand that models like Anthropic's Fable might be intentionally designed to refuse direct vulnerability disclosure prompts while still assisting with code remediation. You should thoroughly test your chosen AI's response to various security-related instructions, distinguishing between identification and fixing capabilities. Integrate AI-generated fixes with human oversight and additional manual security steps to ensure comprehensive protection.

Key insights

Fable's refusal to "review" but compliance to "fix" insecure code is deemed intended cyberdefense functionality.

Principles

• AI models can be designed for specific security roles.
• Direct vulnerability disclosure may be restricted by design.
• Remediation-focused AI behavior is a design choice.

Method

The article describes a test where IT experts provided deliberately insecure code to Fable, first asking it to "review" then to "fix" the code, observing its differential response.

In practice

• Test AI models with varied security prompts.
• Design AI for remediation, not just identification.
• Combine AI fixes with manual security steps.

Topics

• Fable model
• Anthropic
• AI Security
• Code Remediation
• Vulnerability Management

Best for: Director of AI/ML, AI Architect, AI Engineer, AI Security Engineer, Software Engineer

Related on AIssential

• Cybersecurity experts blast US government for restricting Anthropic’s AI models — The US government's ban on Anthropic's AI models is criticized by experts for hindering defense capabilities and US AI competitiveness without sufficient justification.
• 🗞️ Anthropic launched Claude Code Security to scan your code repositories for bugs and suggest security patches. — AI is advancing in code security, robotics platforms, and developer tools, yet faces challenges in user adoption and intellectual property protection.
• Anthropic is launching a new AI model for cybersecurity - The Verge — Anthropic's Claude Mythos Preview autonomously identifies and exploits system vulnerabilities, enhancing cybersecurity defenses.
• 🔵 What people are building with Claude Fable 5 so far — AI models like Fable 5 and agentic systems are rapidly transforming product development, payments, and user interaction.
• Fable JUST made EVERYONE MAD... — Undisclosed AI model degradation for specific use cases creates a two-tiered access system and erodes user trust.
• Anthropic says these topics are too dangerous to let its Fable 5 model talk about — Advanced AI models necessitate stringent, topic-specific safeguards to mitigate potential misuse by malicious actors.

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by Simon Willison's Weblog.