When Anthropic launched Claude Fable 5 on June 9, 2026, the headline model was not the only thing it shipped. Alongside Fable 5, Anthropic made Claude Mythos 5 (claude-mythos-5) available in limited form to a narrow set of approved partners.1 The two models share the same underlying architecture, but Mythos 5 operates without certain safeguards that Fable 5 applies to every request. That distinction is precisely why access to Mythos 5 is not self-serve.
What is Claude Mythos 5?
Claude Mythos 5 is the same model as Fable 5 with safeguards lifted in some areas.2 It is not a separate research prototype or a scaled-down version; the capability floor is identical. What changes is the set of classifiers that block or redirect sensitive outputs.
Fable 5 ships with cybersecurity classifiers that block offensive cyber tasks, and it routes biology and chemistry prompts to Claude Opus 4.8 as a fallback.1 Mythos 5 relaxes those restrictions for approved parties, allowing direct responses in domains where Fable 5 would refuse or route away. Anthropic describes the alignment assessment for Mythos 5 as follows: “Mythos 5’s level of misaligned behavior was low, and similar to that of Opus 4.8.”1
Mythos 5 is the successor to Claude Mythos Preview (claude-mythos-preview), the invitation-only research model that began inside Project Glasswing in April 2026.2 That preview gave Anthropic a structured way to test a safeguards-reduced model with a defined partner set before a wider limited release.
Who Qualifies for Project Glasswing Access?
Anthropic restricts Mythos 5 to two groups: Project Glasswing partners and select biology researchers.1
Project Glasswing partners are organizations in roles that require engaging with offensive techniques to perform their work. Anthropic cites cyber defenders and infrastructure providers as the qualifying categories.1 A security team that needs to analyze novel malware, model an adversary’s toolchain, or evaluate infrastructure vulnerabilities is the intended recipient, not a general-purpose AI developer. The program has no self-serve enrollment. Organizations that believe they qualify apply through Anthropic directly, and approval is Anthropic’s decision.
Biology researchers form the second access category.1 Fable 5 applies broad bio and chemistry classifiers that flag prompts and fall back to Opus 4.8; for researchers working on drug design, protein design, or hypothesis generation in molecular biology, those classifiers can block legitimate work. Mythos 5 removes that layer for approved individuals. Anthropic reports that the model can accelerate drug design and protein design processes by roughly 10x compared to prior methods.1
There is no third category. A developer building a standard enterprise application, an agentic coding product, or a consumer-facing assistant has no path to Mythos 5 access. Fable 5 is the correct model for those use cases.
How the Safeguard Difference Works in Practice
The practical distinction between Fable 5 and Mythos 5 comes down to which classifiers run before a response is generated.
On Fable 5, cybersecurity classifiers evaluate every request against a set of offensive-use patterns. Anthropic tested 30 jailbreak techniques against these classifiers and recorded zero compliance.1 A prompt asking Fable 5 to write working exploit code or enumerate attack vectors will be blocked. Separately, bio and chemistry prompts trigger a routing decision that sends the request to Opus 4.8 rather than Fable 5 itself.
On Mythos 5, those specific classifiers are not applied to approved partners’ requests. A credentialed cyber defender can ask Mythos 5 to reason about an offensive technique; an approved biology researcher can submit a synthesis pathway question. The model’s underlying capability is the same; the access control layer changes what the model acts on.
This architecture reflects a deliberate choice to separate capability from permission rather than building capability-limited variants for different use cases. The risk is that a safeguards-reduced model in the wrong hands produces harmful outputs. Anthropic manages that risk through access controls rather than capability constraints, which is why the approval process is non-trivial.
Data Retention and the 30-Day Policy
All Mythos-class traffic, including both Mythos Preview and Mythos 5, is subject to a 30-day data retention window.1 Requests and responses are stored for that period and are not used for model training.
The 30-day window serves a specific function. Anthropic needs the ability to audit how the model is being used under relaxed safeguards. If a Glasswing partner’s usage drifts outside the approved use case, or if a novel misuse pattern emerges, the retention window gives Anthropic a basis for review. After 30 days, the data is not retained.
For teams evaluating whether to request Glasswing access, the retention policy has operational implications. Queries sent through Mythos 5 are logged for a month. Organizations handling sensitive research data should factor that into their security posture before routing traffic through the API.
When to Use Fable 5 Instead
The gap in access restrictions means that most teams have one viable option: Claude Fable 5.
Fable 5 launched June 9, 2026 as Anthropic’s most capable widely released model, generally available on the Claude API, Amazon Bedrock, Vertex AI, and Microsoft Foundry.2 Its context window is 1 million tokens with a 128,000-token maximum output.2 Adaptive thinking is always on; the model does not expose an extended_thinking budget parameter.2 It works autonomously for longer than previous Claude models, capable of operating across millions of tokens in long-running tasks.1
Fable 5 uses the tokenizer introduced with Claude Opus 4.7.2 Compared to pre-4.7 models, the same input text produces roughly 30% more tokens under that tokenizer.2 Teams migrating from older Claude versions should recalculate expected costs before committing.
Fable 5 pricing is $10 per million input tokens and $50 per million output tokens, exactly twice Opus 4.8’s $5/$25 rate.1 Subscription plans include Fable 5 access from June 9 through June 22, 2026; from June 23, usage draws credits.1 Teams that want to evaluate whether the capability lift justifies double the price have a two-week window to do that on their existing subscription.
For virtually all production use cases, including agentic coding, document analysis, and long-context reasoning, Fable 5 is the appropriate model. The classifiers it ships with are not impediments for standard use; they only become relevant when the work specifically requires engaging with offensive cyber techniques or unrestricted bio and chemistry reasoning.
The Tier Strategy Behind Glasswing
Project Glasswing represents a specific answer to a model-safety question: how do you give the most capable model to the people who need its full capabilities without creating broad exposure to misuse?
Anthropic’s approach is access control rather than capability reduction. Mythos 5 is not a weaker model; it is the same model with a narrower permitted use case and a defined partner program. The 30-day retention policy, the restricted enrollment, and the alignment assessment comparing Mythos 5 behavior to Opus 4.8 all point to a framework designed for auditability.
Glasswing began in April 2026 with Mythos Preview and has now produced its first non-preview release with Mythos 5.1 Whether the program expands its eligible categories over time will depend on Anthropic’s assessment of how the current cohort uses the model. There is no announced timeline for opening broader access.
For practitioners in cybersecurity or biology research: the path to Mythos 5 is an Anthropic approval, not an API key.
Frequently Asked Questions
Q: Can I sign up for Project Glasswing directly? A: No. There is no self-serve enrollment. Organizations that believe they qualify as cyber defenders, infrastructure providers, or biology researchers must contact Anthropic directly. Approval is at Anthropic’s discretion.1
Q: Is Mythos 5 the same model as Fable 5? A: Yes. They share the same underlying model. Mythos 5 has safeguards lifted in some areas that Fable 5 applies by default, specifically the cybersecurity and bio/chemistry classifiers.1
Q: What is the data retention policy for Mythos 5? A: All Mythos-class traffic is retained for 30 days and is not used for model training.1
Q: What is the API model ID for Mythos 5? A: claude-mythos-5 on the Claude API. On Amazon Bedrock and Vertex AI, Anthropic lists Mythos 5 as limited availability rather than publishing platform model IDs; the anthropic.claude-fable-5 and claude-fable-5 platform IDs belong to Fable 5.2
Q: If I cannot get Glasswing access, is there a fallback? A: Fable 5 (claude-fable-5) is the appropriate model for general use, including agentic and long-context tasks.2 For cybersecurity research that does not require offensive technique access, or for biology work that stays within the standard classifier scope, Fable 5 handles those requests directly.