# Announcements

Source: [Anthropic](https://www.anthropic.com/news/fable-safeguards-jailbreak-framework)  
Feed7 permalink: https://feed7.dev/p/fable-safeguards-jailbreak-framework-05x4d7q  
Published: Unknown  
Trust: Official Source (official_source)

## Why Included

Anthropic details Fable 5's cyber classifiers — pen testing and exploit dev are blocked even for legitimate use, with a wider false-positive margin — and drafts a five-level jailbreak severity scale (CJS).

## Source Summary

**The gist** Anthropic published details on **Fable 5**'s cyber safeguards (**July 2, 2026**): classifiers sort requests into four buckets — prohibited (ransomware, C2, malware dev), **high-risk dual use** (pen testing, exploit development — blocked pending better access controls), low-risk dual use, and benign defensive work. It also drafts a **CJS jailbreak severity scale**, five levels scored on capability gain, breadth, ease of weaponization, and discoverability, built with **Amazon, Microsoft, and Google**.

## Practical Implication

**Why it matters** If you do security work with Claude, expect refusals beyond the obvious: Anthropic deliberately **widened the safety margin**, so some benign and low-risk requests get blocked as accepted false positives. Defensive tasks — secure coding, debugging, incident response, **malware reverse engineering** — are meant to stay open.

## Agent-Ready Context

**The gist** Anthropic published details on **Fable 5**'s cyber safeguards (**July 2, 2026**): classifiers sort requests into four buckets — prohibited (ransomware, C2, malware dev), **high-risk dual use** (pen testing, exploit development — blocked pending better access controls), low-risk dual use, and benign defensive work. It also drafts a **CJS jailbreak severity scale**, five levels scored on capability gain, breadth, ease of weaponization, and discoverability, built with **Amazon, Microsoft, and Google**.

**Why it matters** If you do security work with Claude, expect refusals beyond the obvious: Anthropic deliberately **widened the safety margin**, so some benign and low-risk requests get blocked as accepted false positives. Defensive tasks — secure coding, debugging, incident response, **malware reverse engineering** — are meant to stay open.

**Watch out** This is an **early draft**: classifiers will shift with feedback, and CJS scores can be raised but **never lowered**. Legitimate pentesters have no unlock path yet — better access controls are promised, not shipped.

## Context Map

- Layer: model
- Domains: security
- Topics: model-selection

## Uncertainty

- This is an **early draft**: classifiers will shift with feedback, and CJS scores can be raised but **never lowered**. Legitimate pentesters have no unlock path yet — better access controls are promised, not shipped.

## Agent Instruction

Use this item as source-backed context. Do not invent claims beyond the linked source. If this item conflicts with another source, call out the conflict.
