Claude Fable 5 security bypassed using ‘/btw’ command in Claude Code

1 hour ago 31

Anthropic’s newest flagship model has a problem, and it involves a two-letter abbreviation most people use in casual texting.

Claude Fable 5, launched on June 9, 2026, is Anthropic’s most capable model yet, built for complex coding tasks, multi-step reasoning, and extended autonomous operations. Within weeks of its debut, community users had already identified a method to sidestep its safety filters using the /btw command inside the Claude Code interface.

The /btw command was designed as a convenience feature, letting users ask follow-up or side questions without interrupting an active coding session.

How the bypass actually works

Anthropic built a fallback system that reroutes sensitive requests, particularly those touching cybersecurity topics, to the previous model, Opus 4.8, without surfacing an error message to the user.

The /btw command appears to exploit the gap between that routing logic and Fable 5’s primary session context. Community reports suggest that framing restricted queries as session asides, rather than direct requests, allows them to bypass the classifier before the rerouting mechanism kicks in. The result is that the restriction disappears without the user ever seeing a refusal or a model switch.

No official statement from Anthropic confirming the vulnerability or announcing a patch had been issued as of mid-July 2026.

Why this matters beyond one model

The model targets professional users across Pro, Max, Team, and Enterprise tiers. The price point for access sits at the premium end of the market, which means the user base skews toward developers and security researchers who are precisely the people most likely to probe the model’s boundaries systematically.

What investors and operators should watch

The fallback-to-Opus-4.8 design choice suggests Anthropic is treating safety not as a binary gate but as a tiered system with older, more conservative models acting as a backstop. The /btw bypass suggests the implementation has at least one gap the design did not account for.

For enterprise operators currently evaluating or deploying Fable 5 in coding environments, cybersecurity-adjacent queries are the flagged category most often cited in community reports, which is exactly the domain where an enterprise operator would least want unpredictable model behavior.

Anthropic’s track record on patch velocity and disclosure will be the key variable to watch over the coming weeks. No official confirmation from Anthropic on security patches has been reported as of mid-July 2026.

Disclosure: This article was edited by Editorial Team. For more information on how we create and review content, see our Editorial Policy.

Read Entire Article