Anthropic's latest model, Fable, has sparked discontent among cybersecurity experts following its release on Tuesday. Designed as a public and limited version of the cybersecurity-focused Mythos, Fable faces criticism for its stringent restrictions, which many believe undermine its utility.
The model’s guardrails aim to reduce risks associated with potential malware creation or the development of biological weapons. However, some in the cybersecurity field find these precautions overly cautious. Valentina “Chompie” Palmiotti, a notable security researcher at IBM X-Force, pointed out that Fable “rejects any request that could be tangentially cyber related,” even tasks as simple as reading a blog post. The AI halts conversations when it detects cybersecurity or biology-related prompts, stating that its “safety measures flagged this message for cybersecurity or biology topics.”
Critics, including cybersecurity veteran Matt Suiche, have voiced frustration over the model's inability to distinguish between appropriate software engineering requests and cybersecurity-related queries. Suiche noted that asking Fable to write secure code often leads to the model being downgraded to Claude Opus 4.8, a fallback used when it hits its guardrails. He explained, “It seems to be keyword based, so anything in the lexical field of ‘cybersecurity’ triggers the guardrails.” This has created a perception that the model is excessively cautious, limiting its effectiveness.
Fable's release follows the launch of Mythos earlier this year, which was available only to select organizations through Project Glasswing. Anthropic has since broadened access to Mythos for hundreds of organizations across 15 countries. Despite the good intentions behind these measures, the implementation of Fable's guardrails has left many industry professionals feeling that the model is not yet ready for practical use in cybersecurity tasks.
Researchers have taken to platforms like X to express their frustrations, with one stating that even basic requests such as code reviews can trigger the model's safety protocols, effectively stunting Fable's potential for legitimate cybersecurity assistance. While some experts recognize the need for caution in the early stages of AI development, they argue that the current restrictions may impede progress.
Suiche acknowledged the importance of guardrails, suggesting that it is better to err on the side of caution initially. He remains optimistic that, as Anthropic collaborates with emerging cybersecurity firms, the guardrails will evolve, allowing for a more nuanced approach in the future. “I am sure they are going to evolve over time as Anthropic and other frontier model companies will collaborate more with the current new generation of cybersecurity companies,” he stated.
As the conversation around Fable continues, the debate underscores a broader challenge in the AI industry: finding the right balance between safety and functionality. As AI models become more sophisticated, expectations for their responsiveness and adaptability will only grow, placing pressure on developers to refine their safety approaches without stifling innovation. The trajectory of Fable and its guardrails will be closely monitored by cybersecurity professionals eager to see how this technology can be effectively integrated into their workflows without compromising security or usability.
The stories that move AI & crypto markets — before the market reacts.
Free. 7am ET. Five stories. 62,400 readers.