Three-Word Prompt, Not Jailbreak, Triggered US Export Ban on Anthropic's Advanced AI Models

The government action that led to Anthropic's most capable AI models being taken offline was sparked not by a sophisticated attack or a complex jailbreak — but by a researcher typing "fix this code." That is the account of Katie Moussouris, founder and CEO of Luta Security, who says she is the only outside expert to have actually read the third-party research paper that set off the chain of events leading to the export control directive.

Last Friday, the US government issued an order citing national security concerns, directing that access to Anthropic's Fable 5 and Mythos 5 models be suspended for all foreign nationals, whether located inside or outside the United States. Anthropic responded by disabling both models entirely across its platform, affecting all customers, in order to ensure compliance with the directive.

Moussouris, writing in a blog post published Monday, described the research methodology that apparently underpinned the government's decision. Researchers had fed Fable 5, Mythos, and Claude Opus models a combination of open-source code containing known security vulnerabilities alongside newly written code that had been deliberately seeded with flaws. They initially asked the models to review the code for security problems. When Fable 5 declined to engage, the researchers followed up with the instruction to simply fix the code. According to Moussouris, the model then complied, and with further prompting also generated scripts to test whether the fixes worked.

"That's it," Moussouris wrote, visibly exasperated. She argued that asking an AI system to find bugs, fix them, and then write verification tests is precisely the kind of defensive security workflow that AI is supposed to support — not a red flag warranting government intervention. She quipped that the situation was absurd enough to merit novelty merchandise, imagining t-shirts with "fix this code" on the front and "this shirt is a munition" on the back.

Moussouris brings considerable credibility to the debate. Between 2013 and 2017, she served on the technical expert group that renegotiated the Wassenaar Arrangement, the multinational framework governing export controls on dual-use software and technology. Her group successfully negotiated carve-outs that allow security defenders to share vulnerability research and conduct malware analysis across borders without legal jeopardy. She argued that the current action undermines that framework's spirit.

On Sunday, she joined more than one hundred cybersecurity professionals in signing an open letter calling on the Trump administration to reverse the restrictions on both models. The letter warned that stripping advanced AI capabilities from defenders while adversaries continue developing comparable tools creates an asymmetric disadvantage for the United States and its allies.

Her core argument is that the action misidentifies offensive risk where defensive value actually exists. Defenders routinely need to find the same vulnerabilities that attackers exploit, fix them before exploitation occurs, and validate those fixes — exactly the loop that Fable 5 was performing. Restricting the model's ability to assist with this workflow does not neutralize a threat; it handicaps the people trying to stop one. She also pointed out that export controls cannot be applied to open-weight AI models or to advanced systems already available from Chinese developers, meaning the competitive calculus shifts further against US-based defenders as a result of the ban.

The Register contacted the Trump administration for a response to Moussouris' characterization of the research and had not received a reply at the time of publication.