Skip to main content
Back to News
Anthropic proposes CJS framework to assess AI jailbreak risks in 5 levels
Technology
2 min read
US

Anthropic proposes CJS framework to assess AI jailbreak risks in 5 levels

The AMW Read

Framework is a significant structural contribution to AI safety governance, updating Anthropic's case-study narrative and advancing the safety-as-industry-force debate, though not resolving it.
NoveltySignificance
Foundation Models · Case StudiesSafety / Alignment
Anthropic
Anthropic

Foundation Models / LLMs

View Company Profile

Anthropic proposes CJS framework to assess AI jailbreak risks in 5 levels

Anthropic has published a draft of its Cyber Jailbreak Severity (CJS) framework, classifying jailbreak risks from CJS-0 to CJS-4. The system evaluates capability gain, breadth of capability gain, ease of weaponization, and discoverability—scoring each to produce a final severity level. The company also disclosed the operational rules for its cybersecurity safety classifier in Claude Fable 5, categorizing user requests into four tiers: prohibited use, high-risk dual-use, low-risk dual-use, and general use. The framework was developed in collaboration with Amazon, Microsoft, and Google as part of Project Glasswing.

Why it matters: This is a structural contribution to the AI safety substrate that cuts across the foundation model segment. The industry has lacked a consistent severity taxonomy for jailbreaks, making it hard for developers to prioritize fixes and for regulators to apply common standards. Anthropic's proposal, by factoring in real-world weaponization potential and discoverability, moves beyond binary safe/unsafe classification and toward a risk-calibrated approach. This directly updates the safety-as-industry-force dynamic (cross.§G) and opens a new front in the open debate about how frontier labs should operationalize responsible deployment.

Grounded expert take: The CJS framework is notable for its explicit treatment of time-dependent risk—the same model output can be CJS-4 before a vulnerability is publicly known and CJS-0 after scanners detect it. This temporal dimension is a pragmatic response to the recurring tension between security research and harm prevention. By publishing a draft and soliciting feedback from academia, industry, civil society, and government, Anthropic is positioning itself as the norm-setter in jailbreak severity assessment, potentially preempting more rigid regulatory intervention. The framework's exponential risk scaling (each level representing multiples of the previous) also reflects the non-linear nature of real-world harm in cybersecurity contexts.

#Anthropic#AI safety#jailbreak assessment#Claude Fable 5

How This Connects

Based on Foundation Models · Case Studies

  1. 2d agoAnthropic proposes CJS framework to assess AI jailbreak risks in 5 levels · THIS ARTICLE
  2. 2d agoAnthropic has signed a 20-year lease agreement with TeraWulf for a data center valued at $19 billion...Anthropic
  3. 4d agoMoonshot AI (月之暗面), operator of the Kimi assistant, has launched a new funding round at a $31.5 bill...月之暗面
  4. 1w agoAnthropic cuts off Fable 5 and Mythos 5 access after White House export control directiveAnthropic
  5. 1w agoOpenAI previews GPT-5.6 series with three-tier 'Sol/Terra/Luna' lineup, delays full release at US government requestOpenAI
  6. 1w agoOpenAI debuts GPT-5.6 model family Sol, Terra, Luna with phased rollout and enhanced safety monitoringOpenAI

Related News

More news from Anthropic

Stay updated with the latest news and announcements from Anthropic.

View all Anthropic news

Discover AI Startups

Explore 2,000+ AI companies with VC-grade analysis, funding data, and investment insights.

Explore Dashboard