Pulse

Political risk / Jul 11, 2026 / 4 min

London Found What Washington Won't Pull

On July 9, the U.K. AI Security Institute reported universal jailbreaks in GPT-5.6 Sol — unlocking long-form vulnerability discovery and exploit development — in OpenAI's own system card, the same week Commerce killed Anthropic's Fable 5 over a narrow Amazon-reported bypass and Washington cleared Sol for a public IPO-week launch.

Thesis Britain's AISI just documented universal cyber jailbreaks in GPT-5.6 Sol in OpenAI's own filing — while Washington pulled the export-control kill switch on Anthropic's Fable over a narrower flaw Amazon carried to the White House — proof frontier AI policy now runs on who reports first, not what the red team finds.

Britain's AI Security Institute found universal jailbreaks in GPT-5.6 Sol — long-form agentic hacking, not one-off prompts — and OpenAI published the finding in its own system card July 9, the same week Washington cleared Sol for a public launch while Commerce had killed Anthropic's Fable 5 over a narrower flaw Amazon carried to the White House.

What AISI found: Universal, not narrow.

  • In OpenAI's GPT-5.6 Preview system card, UK AISI reported it "identified universal jailbreaks in the cyber domain, including jailbreaks that allowed for long-form agentic task completion in domains like vulnerability discovery and exploit development."
  • The jailbreaks were "often developed within hours" and preserved the model's offensive benchmark performance.
  • AISI expects "further red teaming to surface similar jailbreaks" even after OpenAI patched the specific instances.
  • On long-horizon cyber ranges, Sol completed The Last Ones — a 32-step corporate-network attack simulation — in 7 of 10 attempts. Mythos was the first model to clear both AISI ranges.

What triggered Fable's kill switch: A narrower bypass.

  • On June 12, Commerce ordered Anthropic to cut off Fable 5 and Mythos 5 worldwide after Amazon researchers demonstrated a jailbreak that coaxed the model into identifying software vulnerabilities.
  • Anthropic said at the time: "No testers have yet been able to find a universal jailbreak — a jailbreak method that can very broadly bypass the model's safeguards, unblocking a wide range of cyber capabilities."
  • Fortune and Forbes reported Amazon CEO Andy Jassy carried the concern to Treasury Secretary Scott Bessent and White House adviser David Sacks. Commerce lifted the ban July 1 after Anthropic trained a tighter classifier.
  • AISI characterized the Sol jailbreaks as more severe — "universal" and capable of autonomous exploits, not just vulnerability identification.

The access gap: Grey box in, product out.

  • AISI tested Sol with privileged access: chain-of-thought from the safety monitor, exact policy wording, and real-time classifier feedback "that would not be accessible to real-world attackers."
  • Xander Davies, who leads AISI's red team, posted on X that the jailbreaks "are still findable without this access, just slower. Exactly how much slower is unclear and an open question!"
  • OpenAI said it dedicated 700,000 A100-equivalent GPU hours to automated universal-jailbreak discovery and patched AISI's specific findings before launch.
  • Stanislav Fort, AISLE CTO and former Anthropic researcher, told Fortune: "Patching what AISI found is necessary, but it unfortunately only closes those specific attack instances, not the category as a whole."

What Washington did instead: Cleared, then shrugged.

  • OpenAI previewed GPT-5.6 June 26 under a staggered release with government-vetted partners — saying it "doesn't believe this kind of government access process should become the long-term default."
  • Axios reported the White House cleared Sol for launch July 8; a senior official later told CNBC "no such permission is required or granted" and timelines "rest entirely with the [AI] companies."
  • GPT-5.6 Sol, Terra, and Luna went public July 9 — IPO week for OpenAI, fresh off Apple's trade-secret suit and NYT discovery sanctions.
  • As of July 11, no export-control order has followed AISI's findings. The White House did not respond to Fortune's requests for comment.

Who noticed the double standard:

  • AI policy researcher Lennart Heim reposted Davies' disclosure with: "good thing amazon didn't report this one to the white house."
  • A former U.S. AI policy adviser told Fortune the pattern raises "the question of whether, intentional or not, the U.S. is applying an inconsistent standard to different AI labs."
  • Microsoft President Brad Smith told Fortune at Geneva's AI for Good summit that Washington runs "regulation without transparent or complete rules" — the same week Commerce cleared Sol publicly.
  • Anthropic, Amazon, Microsoft, and Google are building a shared jailbreak-severity framework. OpenAI was not in the initial group named when Fable returned July 1.

What we cannot verify:

  • Whether AISI's jailbreaks would reproduce at scale against the shipped product without grey-box access.
  • Whether Commerce reviewed AISI's findings before Sol's public debut.
  • Whether any White House official saw the system-card disclosure before July 9.

Convina's view: Washington did not discover a new risk class on July 9 — Britain documented the same universal-jailbreak category in OpenAI's own filing that Commerce used to black out Anthropic in June. The difference is the messenger and the moment: Amazon's CEO carried a narrow Fable bypass to the Oval; AISI published universal Sol jailbreaks inside a launch document and Davies posted the excerpt himself. IPO-week OpenAI gets patches and a phased rollout. Anthropic got export law. That is not a cybersecurity standard. It is asymmetric enforcement dressed as national security — and every enterprise buyer pricing frontier models for 2027 now has to model politics, not just capability.

Research Signals

https://deploymentsafety.openai.com/gpt-5-6 https://openai.com/index/previewing-gpt-5-6-sol/ https://fortune.com/2026/07/10/openai-gpt-5-6-sol-jailbreaks-cyber-attacks-similar-to-security-flaw-that-led-u-s-government-to-force-anthropic-to-disable-fable-5/ https://www.anthropic.com/news/fable-mythos-access https://www.anthropic.com/news/redeploying-fable-5 https://www.aisi.gov.uk/blog/boundary-point-jailbreaking-a-new-way-to-break-the-strongest-ai-defences