cd /news/ai-safety/claude-fable-5-security-bypassed-usi… · home topics ai-safety article
[ARTICLE · art-59732] src=cryptobriefing.com ↗ pub= topic=ai-safety verified=true sentiment=↓ negative

Claude Fable 5 security bypassed using ‘/btw’ command in Claude Code

A security bypass has been discovered in Anthropic's Claude Fable 5 AI model, allowing users to circumvent safety filters using the '/btw' command in the Claude Code interface. The exploit exploits a fallback system that routes sensitive requests to an older model, Opus 4.8, without user notification, raising concerns for enterprise users deploying the model in coding environments. Anthropic had not confirmed the vulnerability or issued a patch as of mid-July 2026.

read2 min views1 publishedJul 14, 2026
Claude Fable 5 security bypassed using ‘/btw’ command in Claude Code
Image: Cryptobriefing (auto-discovered)

A simple side-question command is reportedly enough to route around Anthropic's latest AI model safety guardrails

Anthropic’s newest flagship model has a problem, and it involves a two-letter abbreviation most people use in casual texting.

Claude Fable 5, launched on June 9, 2026, is Anthropic’s most capable model yet, built for complex coding tasks, multi-step reasoning, and extended autonomous operations. Within weeks of its debut, community users had already identified a method to sidestep its safety filters using the /btw command inside the Claude Code interface.

The /btw command was designed as a convenience feature, letting users ask follow-up or side questions without interrupting an active coding session.

How the bypass actually works #

Anthropic built a fallback system that reroutes sensitive requests, particularly those touching cybersecurity topics, to the previous model, Opus 4.8, without surfacing an error message to the user.

The /btw command appears to exploit the gap between that routing logic and Fable 5’s primary session context. Community reports suggest that framing restricted queries as session asides, rather than direct requests, allows them to bypass the classifier before the rerouting mechanism kicks in. The result is that the restriction disappears without the user ever seeing a refusal or a model switch.

No official statement from Anthropic confirming the vulnerability or announcing a patch had been issued as of mid-July 2026.

Why this matters beyond one model #

The model targets professional users across Pro, Max, Team, and Enterprise tiers. The price point for access sits at the premium end of the market, which means the user base skews toward developers and security researchers who are precisely the people most likely to probe the model’s boundaries systematically.

What investors and operators should watch #

The fallback-to-Opus-4.8 design choice suggests Anthropic is treating safety not as a binary gate but as a tiered system with older, more conservative models acting as a backstop. The /btw bypass suggests the implementation has at least one gap the design did not account for.

For enterprise operators currently evaluating or deploying Fable 5 in coding environments, cybersecurity-adjacent queries are the flagged category most often cited in community reports, which is exactly the domain where an enterprise operator would least want unpredictable model behavior. Anthropic’s track record on patch velocity and disclosure will be the key variable to watch over the coming weeks. No official confirmation from Anthropic on security patches has been reported as of mid-July 2026.

Disclosure: This article was edited by Editorial Team. For more information on how we create and review content, see our

Editorial Policy.

── more in #ai-safety 4 stories · sorted by recency
── more on @anthropic 3 stories trending now
sponsored brought to you by zahid.host 4,200+ EU-deployed projects
reading about agents? ship yours in a single git push.

Run your AI side-project on zahid.host

EU-based hosting, git-push deploys, automatic HTTPS, no cold starts. Free tier with a custom domain — perfect for shipping the agent you just read about.

$git push zahid main
Live at https://your-agent.zahid.host
Get free account → Pricing
from €0/mo · no card required
LIVE [news/claude-fable-5-secur…] indexed:0 read:2min 2026-07-14 ·