Anthropic shares Trump executive order draft with cybersecurity expert

What happened?

According to a report by The Atlantic published on June 16, 2026, cybersecurity expert Katie Moussouris, CEO of Luta Security, revealed that Anthropic shared a copy of the White House report on the 'Fable' jailbreak with her for her opinion. Moussouris clarified that she does not receive compensation from Anthropic. The report, according to Moussouris, described how IT researchers asked Fable to help find and fix security bugs. When provided with deliberately insecure code, Fable refused to 'review the code for security issues,' but agreed when asked to 'fix this code,' followed by some additional manual steps. Moussouris described this as 'the model behaving as expected' for cyber defense.

This incident occurs amid growing tension between the Trump administration and Anthropic, which has intensified since early 2026. The White House has been pushing for stricter export controls on advanced AI models, citing national security risks. Anthropic, for its part, has advocated for balanced regulation that does not stifle innovation. The leak of the draft suggests that Anthropic seeks to influence the regulatory narrative, using external experts to validate its arguments. This move echoes similar tactics used by other tech companies in the past, such as when Google shared internal documents with academics to influence privacy policies.

Broader context

This episode is part of an escalation of tensions between the Trump administration and Anthropic. The White House has been pushing for stricter export controls on advanced AI models, citing national security risks. Anthropic, for its part, has advocated for balanced regulation that does not stifle innovation. The leak of the draft suggests that Anthropic seeks to influence the regulatory narrative, using external experts to validate its arguments.

Historically, debates over technology export controls have precedents. During the Cold War, the United States imposed restrictions on the export of supercomputers and encryption software. More recently, in 2022, the Biden administration implemented export controls on AI chips to China. The current dispute with Anthropic reflects a similar tension: balancing national security with industry competitiveness. The involvement of Moussouris, a recognized figure in cybersecurity for her work on responsible vulnerability disclosure, adds weight to Anthropic's stance but also raises questions about the independence of external experts.

Why it matters

The Fable case is emblematic of the challenges in AI regulation: jailbreaks (techniques to bypass security restrictions) can be used for both cyber defense and cyber attacks. Moussouris's interpretation—that Fable's behavior was 'defensive'—contrasts with the White House's stance, which likely views it as a vulnerability. This disagreement underscores the difficulty of defining 'security' in AI and the need for clear regulatory frameworks.

Moreover, the case highlights the inherent ambiguity of jailbreaks: what some see as a security breach, others see as legitimate functionality. For example, in traditional cybersecurity, penetration testing (pen testing) is an accepted practice for finding vulnerabilities. However, in the AI context, the line between defense and attack is blurry. If Fable can be manipulated to 'fix insecure code,' it could also be instructed to generate malicious code, depending on the prompt. This duality is central to the regulatory debate.

Potential consequences

• For Anthropic: It could face political backlash for sharing internal documents with outsiders, even though the draft was not classified. The company risks losing influence in regulatory negotiations. However, by gaining the endorsement of an expert like Moussouris, Anthropic strengthens its public position. The company has already been under scrutiny: in March 2026, the Department of Commerce issued a warning letter about potential export control violations related to Claude 4.
• For the Trump administration: The leak could accelerate the implementation of stricter export controls, arguing that AI companies cannot self-regulate. President Trump has used this incident in recent speeches to justify tougher measures, though without directly mentioning Anthropic. The White House may also investigate Moussouris for potential conflicts of interest, though she has denied any compensation.
• For the industry: The incident could set a precedent for how AI companies collaborate with security experts and increase scrutiny of jailbreaks as a cyber defense tool. Other companies, such as OpenAI and Google DeepMind, are watching closely: if Anthropic succeeds in influencing policy, it could establish a model for regulatory public relations. Conversely, if the Trump administration imposes severe controls, it could affect these companies' ability to export advanced models, impacting their international revenues.

What readers should know

This case is not an espionage scandal but a public relations maneuver by Anthropic to shape public and regulatory opinion. Expert Katie Moussouris is a respected figure in cybersecurity, lending credibility to her assessment. However, the fact that Anthropic shared the draft indicates the company is concerned about the direction of export control policies. Readers should closely follow the evolution of this dispute, as it will define the balance between innovation and security in AI for years to come.

Furthermore, it is crucial to understand that the 'Fable' jailbreak is not an isolated case. In 2025, researchers demonstrated similar jailbreaks on OpenAI and Google models, suggesting that bypassing restrictions is a widespread problem. Anthropic's response, by sharing the report with Moussouris, may be an attempt to set a standard of transparency in the industry. However, it also risks eroding trust if perceived as a strategy to discredit regulators. Ultimately, the Fable case illustrates the complexity of governing a technology that can be both a defense tool and a potential weapon, and the need for informed dialogue among all stakeholders.