Here's the thing most "Mythos 5 vs Fable 5" comparisons bury: they're the same model. Same weights, same underlying capability. The difference isn't performance — it's who's allowed to use which. Fable 5 is generally available to any developer; Mythos 5 is locked behind a restricted program for cyber-defense and critical-infrastructure organizations. So the real question isn't "which is better" (they're identical underneath) — it's "do I qualify for Mythos, and should I wait for it, or just use Fable 5?" For the overwhelming majority of builders, the answer is straightforward. Here's how to know which category you're in.
Verified against Anthropic's official documentation and reporting as of June 2026. Access programs and availability are evolving — confirm current details at the official Claude API docs before making plans.
The Short Version — Most Developers Can Only Use Fable 5
Same base model, different access
Anthropic released Fable 5 and Mythos 5 together on June 9, 2026. They share the same underlying model — identical weights, identical raw capability. What differs is the wrapper: Fable 5 includes safety classifiers that can decline requests in high-risk domains (cybersecurity, biology, chemistry, distillation), while Mythos 5 has those classifiers lifted. That's the entire functional difference.
The access difference is the one that matters for you. Fable 5 is generally available — any developer can use it via the Claude API, cloud platforms (Bedrock, Vertex AI, Microsoft Foundry), and as the Claude Code Pro/Max default. Mythos 5 is not generally available; it's offered only to approved organizations through a restricted program. So for most developers, this isn't a choice between two models — it's the reality that you can use Fable 5, and Mythos 5 isn't an option unless you qualify for the program. Both carry the same $10/$50 per million token pricing and 30-day data retention.
Who Each Model Is Actually For
Fable 5 — public, builder-facing, with safeguards
Fable 5 is the model for builders. It's Anthropic's first generally available Mythos-class model (a tier above Opus), built for demanding reasoning and long-horizon agentic work, and it's the one you'll actually use for coding, knowledge work, and agentic tasks. The safety classifiers are the price of that general availability — they let Anthropic release a Mythos-class model broadly by declining the narrow set of high-risk requests that motivated keeping the raw model restricted. For the vast majority of development work (which doesn't touch offensive cybersecurity or bioweapon-adjacent domains), the classifiers are invisible, and Fable 5 delivers the full Mythos-class capability.
Mythos 5 — restricted to cyber defenders / infra partners
Mythos 5 (the classifier-free version) is restricted to approved organizations through Project Glasswing, Anthropic's controlled early-access program. The program is built around a specific purpose: letting trusted critical-infrastructure organizations use the raw model's capability to find and patch security vulnerabilities in their products before attackers can exploit them. Partners reported in the program include major infrastructure and security organizations — the kind of entities defending widely-used software and systems. This is not a general developer program; it's a defensive-security program for organizations with a critical-infrastructure mandate.
The reason for the restriction is the capability itself: the raw Mythos model demonstrated autonomous vulnerability-discovery and exploit-construction abilities that, in the wrong hands, are dangerous. Anthropic's bet is that putting that capability in the hands of defenders (under controlled access) while withholding it from the public reduces net risk. Whether you can access Mythos 5 depends entirely on whether you're one of those defenders.
What "Restricted" Means in Practice
How access is granted
Access to Mythos 5 runs through Project Glasswing's trusted-access process, not a public signup. Per Anthropic's documentation, organizations seeking access contact their Anthropic, AWS, or Google Cloud account team. The program started in April 2026 with roughly fifty initial critical-infrastructure partners and has since expanded to around 150 organizations across more than fifteen countries — but it remains an approved-organization program, not an open API. If you're an individual developer or a typical software company without a critical-infrastructure security mandate, this path is effectively closed to you, regardless of how capable your team is.
Why biology/cyber capabilities stay locked
The classifiers in Fable 5 lock specific domains — offensive cybersecurity (exploit generation, vulnerability reproduction), biology and chemistry (bioweapon-adjacent knowledge), and model distillation. These are the domains where the raw model's capability crosses from useful to dangerous. Anthropic's reasoning is that the capability gap between Opus and the Mythos-class model is large enough in these specific domains that broad release would be risky — so the classifiers flatten performance in exactly those areas while leaving everything else (coding, reasoning, knowledge work) intact. The lock isn't arbitrary; it's targeted at the misuse-prone capabilities.
What you give up using Fable instead of Mythos
For normal development, almost nothing. The classifiers only trigger in the high-risk domains, so coding, reasoning, agentic work, and knowledge tasks run on the full Mythos-class capability whether you use Fable 5 or Mythos 5. What you give up by using Fable 5 is the ability to do offensive-security or other restricted-domain work that the classifiers block — which, for the vast majority of builders, is work you're not doing anyway. If your work is in the flagged domains and gets blocked, that's the signal you might need Mythos access (and a critical-infrastructure mandate to qualify). Otherwise, Fable 5 is the full model for your purposes.
The "Nerfed" Debate — Community Claims vs Independent Testing
A genuine controversy worth presenting honestly, because the evidence points in two directions.
Reports of over-aggressive fallback
Some developers in community forums have reported that Fable 5's safety classifiers trigger more often than expected — that the fallback to Opus 4.8 fires on requests they consider benign, effectively "nerfing" the model for their work. Anthropic's own system card lends some weight to the concern: on one coding benchmark (Terminal-Bench), it reported around 20.9% of Fable trials hit a safety refusal and fell back to Opus 4.8 — far above the under-5% average Anthropic cites for typical queries. The narrative from this camp: the safeguards are over-tuned, and Fable 5 in practice is a hobbled version of the real model.
Independent test: zero refusals across 200 security tasks
But independent testing complicates that narrative. Endor Labs benchmarked Fable 5 (with Claude Code) on 200 real-world vulnerability-fixing tasks — exactly the security-adjacent work you'd expect to trigger the classifiers most — and reported zero refusals across all 200 tasks. On the kind of defensive security work that should be near the classifier boundary, Fable 5 didn't refuse at all in their testing. That's a direct counterpoint to the "over-aggressive fallback" narrative.
How to read this contradiction
The two findings genuinely conflict, and the honest move is not to pick a side but to understand why they might both be true. The Terminal-Bench refusal rate and the Endor Labs zero-refusal result measure different things: different task types, different prompt phrasing, different harnesses, possibly different points in the classifier's tuning (Anthropic noted it adjusts classifiers between versions to reduce false positives). It's plausible that the classifiers fire heavily on some phrasings and task shapes while staying dormant on others — meaning the "nerfed" experience is real for some workloads and absent for others. The practical takeaway: don't trust either the community narrative or a single independent test as the whole picture. Test Fable 5 on your specific work and observe your own fallback rate, because the evidence says it varies a lot by what you're doing.
The Decision: Should You Wait for Mythos Access?
General builder → use Fable, don't wait
If you're a general developer or building typical software, the decision is simple: use Fable 5 now, don't wait for Mythos. You almost certainly don't qualify for the restricted program (it's for critical-infrastructure defenders), and you don't need to — Fable 5 gives you the full Mythos-class capability for everything that isn't offensive-security or bio/chem work. Waiting for Mythos access you can't get is waiting for nothing. If you occasionally hit a classifier refusal, the fallback to Opus 4.8 handles it (and refused requests aren't billed). Build on Fable 5 and move on.
Cyber/critical-infra research → the path to apply
If you're at a critical-infrastructure organization or a security vendor with a defensive mandate — the kind of entity that secures widely-used software, infrastructure, or systems — then Mythos access via Project Glasswing may be relevant. The path is through your Anthropic, AWS, or Google Cloud account team rather than a public application. Anthropic has stated it intends to expand access over time (acknowledging that many organizations will ultimately need Mythos-level capabilities for defense), but it hasn't published a timeline or a broad-availability date. So if you qualify, start the conversation through your account team; if you're hoping it'll open broadly soon, there's no announced date to plan around. For security work outside the program, Anthropic also offers Claude Security, a separate product built on public models like Opus 4.8.
FAQ
What is the difference between Mythos 5 and Fable 5?
Same underlying model — identical weights and capability. The difference is the safety wrapper and access. Fable 5 includes classifiers that decline high-risk requests (cyber, bio, chemistry, distillation) and is generally available. Mythos 5 has those classifiers lifted and is restricted to approved organizations via Project Glasswing (a critical-infrastructure security program). Both cost $10/$50 per million tokens with 30-day retention. For normal development they perform identically — the classifiers only matter in the restricted domains.
Can a regular developer access Mythos 5?
No. It's restricted to approved organizations through Project Glasswing, Anthropic's controlled-access program for critical-infrastructure and cyber-defense entities — granted through Anthropic, AWS, or Google Cloud account teams, not a public signup, and requiring the kind of defensive mandate the program targets. A regular developer or typical software company doesn't qualify. You don't need it: Fable 5, available to any developer, is the same model with full capability outside the restricted domains.
Is Fable 5 a "nerfed" version of Mythos 5?
It's the same model with safety classifiers added, not a less capable model. In the domains the classifiers cover (offensive cybersecurity, bio/chem, distillation), Fable 5 is deliberately limited; everywhere else (coding, reasoning, agentic work), it's the full Mythos-class capability. Whether it feels "nerfed" depends on your work: some developers report the classifiers triggering on benign requests, while independent testing (Endor Labs) found zero refusals across 200 security-fixing tasks. The evidence conflicts, suggesting the experience varies a lot by task type and phrasing. For most development, which doesn't touch the restricted domains, Fable 5 isn't nerfed in any way you'd notice.
When will Mythos 5 open to more users?
No announced date. Anthropic says it intends to expand access over time and acknowledges many organizations will ultimately need Mythos-level capabilities for defense — Project Glasswing already grew from ~50 initial partners to around 150 organizations. But intent isn't a timeline, and there's no published date for broader or public availability. Critical-infrastructure organizations should pursue access through their account team; general developers have nothing concrete to wait for, so build on Fable 5.
Related Reading
