Anthropic released Claude Fable 5 on June 10, putting the most powerful vulnerability-finding AI in public hands. For unaudited DeFi protocols, the risk just multiplied.
Anthropic released Claude Fable 5 on June 10, putting the most powerful vulnerability-finding AI ever built into public hands. Until today, the model behind it – codenamed Mythos – was locked inside Project Glasswing, accessible to only about 150 organizations. Microsoft and Google were among them. JPMorgan was another. That restricted version had already found more than 10,000 critical vulnerabilities across the world's most important software, Anthropic said.
The public version comes with hard safety limits. In high-risk areas – cybersecurity, biology, chemistry, and model distillation – Fable 5 blocks responses and falls back to the weaker Claude Opus 4.8. Anthropic stress-tested those classifiers with jailbreak attempts and ran an external bug bounty that produced no universal jailbreaks across more than 1,000 hours of testing. Sensitive cybersecurity requests trigger the fallback in less than 5% of sessions, meaning the vast majority of interactions proceed through Fable 5's full capabilities.
For DeFi, the gap in those guardrails matters. Smart contract exploitation does not fit neatly into Anthropic's blocked categories. Finding a vulnerability in a Solidity contract looks like a coding task, not a traditional cybersecurity attack. Fable 5's exceptional performance in software engineering is consistent, and the longer and more complex the task, the larger its lead over other models currently available. For an unaudited DeFi protocol running on publicly visible on-chain code, that distinction may matter enormously.
The Zcash precedent is already circulating in security circles. A lighter version of the Anthropic architecture found a critical flaw in the Zcash protocol within 24 hours. That vulnerability had survived four years of scrutiny from some of the world's best cryptographers, Anthropic said.
White hat hacker MevenRekt described the shift in plain terms:
"The cost and skill required to find exploitable flaws in smart contracts is about to drop to effectively zero."
Unaudited protocols become sitting ducks. Known exploits can be replayed on forks around the clock. Even small projects become worth targeting simply because trying costs next to nothing. The attack surface just became global and around the clock.
Anthropic itself warned last week that AI systems are advancing so quickly they may soon achieve recursive self-improvement, autonomously improving without human intervention. That timeline may have just shortened with Fable 5's public release.
Safety experts are giving urgent advice. Revoke token approvals and move funds to hardware wallets. Cut exposure to protocols you do not fully trust. Not tomorrow. Today.
For anyone holding positions in unaudited or lightly audited DeFi projects, the risk assessment now includes a factor that was not present two days ago. The model is live. The subscription is open.
Prepared with AlphaScala research tooling and grounded in primary market data: live prices, fundamentals, SEC filings, hedge-fund holdings, and insider activity. Each story is checked against AlphaScala publishing rules before release. Educational coverage, not personalized advice.