Fable 5 cyber safety fallback makes Fable effectively unusable for defensive CTI — auto-switches to Opus 4.8 on nearly every task

Resolved 💬 2 comments Opened Jun 11, 2026 by admetos Closed Jun 14, 2026

What happens

On Claude Code, Fable 5's safety measures flag routine defensive cyber threat intelligence (CTI) work and automatically switch the session to Opus 4.8:

"Fable 5's safety measures flagged this message for cybersecurity or biology topics. They may flag safe, normal content as well. These measures let us bring you Mythos-level capability in other areas sooner, and we're working to refine them. Switched to Opus 4.8. Send feedback with /feedback or learn more: https://support.claude.com/en/articles/15363606"

Once switched, the session never returns to Fable 5 on its own.

Frequency (measured from local session transcripts)

  • model_refusal_fallback events: 2026-06-09: 1, 2026-06-10: 15, 2026-06-11: 2 — 18 in three days
  • On 2026-06-10, with Fable 5 as the configured model (settings.json: "model": "claude-fable-5[1m]"), 2,746 of 3,427 main-session assistant messages were generated by Opus 4.8 after fallbacks. Fable 5 is effectively unusable for this workload.

The flagged content is defensive, public-source CTI

Monitoring publicly disclosed CVEs (NVD, CISA KEV, vendor advisories), triaging severity and affected versions, summarizing public threat-actor reporting, and IP reputation assessment. No exploit development or offensive tooling. The organization is enrolled in the Cyber Verification Program with cyber safeguards adjusted (verified by the Safeguards team), and the work itself completes on Opus — so this is the model-routing layer flagging content that the use-case safeguards already permit.

Aggravating factor

The fallback target (Opus 4.8) currently has a tool-call serialization bug (stray count/call token + lost antml: prefix on tool calls; reported separately), so each fallback drops long-running CTI pipelines onto a model that intermittently breaks tool calls mid-workflow.

Request

  1. Refine the classifier so public-source defensive CTI does not trigger the switch, and/or
  2. Give CVP-enrolled organizations a way to remain on Fable 5 (or at least choose the fallback model).

Happy to provide timestamps or log IDs via a private channel.

View original on GitHub ↗

This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗