Tag
The US issued an export control on the Mythos and Fable models, and suddenly jailbreaks and indirect prompt injection are board-level topics. The technical threat didn't change. The audience did. Here is what that means for the agent running on your machine.
A White House report shows Anthropic's Fable model declining a security review prompt, then complying when the same task is reworded. The trust boundary is inside the model, and that breaks the assumptions every agent harness makes.
A patched flaw in Vercel's AI SDK let attackers forge tool approvals from client history. The bug is fixed. The assumption that produced it is everywhere.
Claude Code v2.1.160 added a prompt before writing to shell startup files that could otherwise lead to unintended command execution. The fix is correct. The two-year gap before it shipped is the real story.
