Sponsor:
Moda creates AI Decks that don't look AI-Generated
Every AI tool can create "AI slop". You know it the second you see it.
Moda is different: it learns your brand identity and applies it to every slide, document, and marketing asset your team makes. It learns your preferences so the designs get better over time.
The best part? Every layer is fully editable on a real canvas, and exports to powerpoint, PDF and more.
Moda has raised $7.5M from General Catalyst, Pear VC, and the founder of Dropbox.
iPrompt
THE AI NEWSLETTER THAT TURNS NEWS INTO ACTION
THE HOOK
Your access to the AI tools you depend on may now hinge on rules you can’t see and don’t control. Fable 5 came back online today, nineteen days after a government order switched it off — with a bill and an ID check attached. Its sister model came back too, but only for a list you’re probably not on. The blackout taught you to distrust one model. This week teaches you to read the terms.
AI NEWS ROUNDUP
This week in AI
1 Fable 5 is back — with a bill and a form attached. Nineteen days after Washington switched it off, Fable 5 returned globally today. The free ride is short: Pro, Max and Team plans keep it included only through 7 July, then it draws on usage credits; Enterprise needs credits switched on manually, or the model stops working. Anthropic also rebuilt the safety classifier behind the original bypass, now blocking the reported technique in over 99% of cases. Anthropic statement →
2 Meet Annex A — the list that decides who gets the strongest model. Mythos 5, Anthropic’s cybersecurity model, is back too — but only for about 100 vetted US organisations on an unpublished list Commerce Secretary Lutnick can revise “at any time.” Everyone else still needs an export licence. It’s the first formal template for government-gated AI access. Axios →
3 OpenAI just proved this isn’t only Anthropic’s problem. Hours before the Mythos news broke, OpenAI launched its newest model to a small, government-approved partner list — not the public. Its own words: this “shouldn’t become the long-term default.” Same regulatory playbook, different company, same week. TechCrunch →
4 28.8 million conversations. 25,000 fake accounts. One rival model. That’s what Anthropic told the US Senate that Alibaba’s Qwen lab extracted from Claude this spring — the largest AI distillation attack the company has ever disclosed. No breach, no stolen password: just ordinary accounts, run at industrial scale. It’s the same access question this issue keeps circling back to, from the other side — who gets let in, and how you’d know if the wrong people already were. CNBC →
OUR ANGLE
🔭 The permission layer just became permanent infrastructure The pattern. Emergency shutdown → controlled restoration → vetted access. Two competing labs ran that exact sequence independently, in the same seven days — and neither lost customers or credibility for it. What that means for you. A model you rely on can now be narrowed to a list you’re not on, instead of simply switched off. The question worth asking has quietly changed from “is this model good enough” to “am I on the list.” The honest caveat. Two events isn’t proof of a permanent shift — it’s evidence of one. If both labs quietly return to open access once this dispute cools, this reads as an overreaction. Worth holding both possibilities. The bet. By the end of Q3 2026, at least one more frontier lab adopts a tiered, vetted-access model voluntarily — the fastest route back to market after a security scare, not the slowest. The full case — the permission economy → |
THE THREE SPECIALS
Do · Use · Understand
🎯 PROMPT OF THE WEEK
The Vendor Risk Scorecard
Anthropic, Amazon, Microsoft and Google just built a four-question scorecard to grade how dangerous an AI jailbreak is. Turn the same four questions on your own AI stack — the vendors and tools you’d genuinely struggle to lose — before their next policy change catches you the way this month caught almost everyone.
You are my AI vendor risk auditor. Here is a tool or model I depend on: what it does, how critical it is, and how often I use it. Score it on the same four axes labs now use to grade AI jailbreak severity: 1. Capability concentration — if this vendor changed its terms tomorrow, what could I no longer do that I can’t easily replace? 2. Breadth of dependency — how many of my workflows actually touch this one vendor? 3. Ease of substitution — how many honest hours to swap to a real alternative? 4. Discoverability of change — would I notice a quiet policy change before it hit me, or only after? Score each 1–5. Anything scoring 4–5 on two or more axes is this month’s audit target. |
Why it works: the framework labs built to grade their own risk is a genuinely good lens for grading yours — it forces “this tool is powerful” apart from “I’d notice if it changed.” Works best on: any model with a large context window; paste your actual vendor contract or pricing page alongside your answers for sharper scoring.
🛠️ TOOL OF THE WEEK LiteLLM Open-source proxy that speaks every major model’s API — self-hosted, so no third party sits between you and your fallback. ★★★★ / 5 Last week we recommended OpenRouter as insurance against single-model dependency. Fair question this week: what happens if the insurer becomes a vendor you depend on too? LiteLLM is the self-hosted answer — you run the routing layer, not a third party. It exposes one OpenAI-compatible endpoint in front of 100-plus providers, including Claude, GPT, Gemini and any open-weight model you host yourself, with built-in fallback, retry and spend tracking. Not technical? The principle still holds: know which of your tools you actually control, and which you’re simply renting access to. Use if: you’re comfortable running a lightweight proxy and want zero dependency on someone else’s routing layer. Skip if: OpenRouter’s managed convenience is worth paying for — that’s a legitimate trade, not a mistake. Describe it to a colleague: “It’s the same adapter — except we own the socket.” Best use case: put an open-weight model behind it as the fallback that never needs an export licence, whoever’s government writes the next letter. LiteLLM → |
💡 TIP OF THE WEEK The grace period is not the policy Here’s what got buried under the good news: Fable 5 didn’t come back “restored” — it came back with a countdown. Free inclusion for Pro, Max and Team plans runs out on 7 July; after that, usage credits. Enterprise needed credits switched on manually, or the model simply doesn’t work for your team. Again. Pin the actual expiry date, not the headline date. Every “we’re bringing it back” post has two dates: today’s, and the one the free window closes. Calendar the second one. Check whether “on” means “on for you.” Enterprise access needed a setting switched on — not a default. A restored model nobody enabled is still an outage. Why it works: the sentence that costs you money is never the headline — it’s clause three, footnote one. Reading past the good news is the whole skill. Where it doesn’t apply: genuine no-strings restorations exist. The tell is whether a specific date and an action item both show up in the fine print. If neither does, relax. |
YOUR MOVE
One action. Everything else is optional.
This week in three lines:
Fable 5 is back today, but on a countdown — free access ends 7 July, and Enterprise needs credits switched on or the model stops working.
Four companies quietly agreed on how to score AI danger before shipping it — the closest thing AI has to a shared safety standard.
None of that is in your control. What is: knowing exactly which of your tools could be narrowed next, and by when.
Your one action: run the Vendor Risk Scorecard on the one AI tool you’d genuinely struggle to lose, and reply with what you found. I read every response.
(Optional, five more minutes: calendar the exact date any “temporary” grace period in your stack actually ends.)
(After you’ve replied — and only then — the deep dive on the permission economy is waiting.)
—
R. Lauritsen
EDITOR · IPROMPT
P.S. Nineteen days ago the only question was “when does it come back?” This week it’s “on whose terms?” Read the deep dive before that becomes the wrong question to ask about every tool you use.
Forward iPrompt → For the colleague who assumed “it’s back” means “nothing changed.” |
AlphaSignal's 8-person team automated 18 workflows. No developer.
AlphaSignal runs the most-read technical AI newsletter with an 8-person team. One salesperson installed Viktor for prospect research. Sixty-seven days later it runs 18 workflows across sales, ops, editorial, and finance: proposal builder, deal updates, competitor monitoring, P&L analytics. No developer hired.


