The Trump administration spent February and March trying to destroy Anthropic. It spent this week trying to give the company’s most powerful product to every Cabinet department in the federal government.

According to a memo reviewed by Bloomberg News, White House Office of Management and Budget federal chief information officer Gregory Barbaccia emailed Cabinet officials on Tuesday to say OMB is establishing security protocols that would allow agencies to begin using Claude Mythos — Anthropic’s unreleased frontier model, which the company considers too dangerous for public release.

If the deployment proceeds as planned, it would be the largest single government adoption of an AI model anywhere in the world. Not a pilot program. Not a research initiative. A government-wide rollout of one private company’s most sensitive technology.

A Model Too Dangerous to Sell

Anthropic unveiled Mythos on April 7 as part of Project Glasswing, a cybersecurity initiative that brought in Amazon, Apple, Google, Microsoft, and more than 50 other organizations. The model’s signature capability: finding and exploiting previously unknown software vulnerabilities — zero-days — autonomously, without human guidance.

The results were sobering. Mythos found a 27-year-old vulnerability in OpenBSD, an operating system used to run firewalls and critical infrastructure. It discovered a 16-year-old bug in FFmpeg, a video-processing tool, in a line of code that automated testing tools had hit five million times without flagging. It chained multiple Linux kernel vulnerabilities to give an attacker complete control of a machine from an ordinary user account.

Anthropic has no plans to release Mythos publicly. The company is committing $100 million in usage credits to Glasswing partners for defensive security work — finding and fixing flaws before adversaries do.

The Blacklist That Melted

Six weeks ago, this outcome would have been unthinkable.

In February, Trump and Defense Secretary Pete Hegseth directed all federal agencies to stop using Anthropic’s technology after CEO Dario Amodei refused to allow the Pentagon to deploy Claude in fully autonomous weapons or mass surveillance of Americans. Hegseth designated Anthropic a supply chain risk — an unprecedented label for an American tech company. Trump called Anthropic’s leadership “Leftwing nut jobs” on social media.

Anthropic sued, filing cases in San Francisco and Washington. The courts split: a federal judge in California forced the administration to remove the supply-chain label, while the D.C. Circuit Court of Appeals declined to intervene. The legal fight continues, with a hearing scheduled for May 19.

But the blacklist was already collapsing in practice. According to Politico, the Commerce Department’s Center for AI Standards and Innovation has been testing Mythos since before its public announcement. Staff at the Treasury Department have expressed interest in using it. Congressional aides on at least three committees have requested briefings.

The official ban never matched the operational reality. Agencies simply worked around it.

What Oversight?

The Barbaccia memo reportedly references “protections” that would allow agencies to use Mythos safely. What those protections are — who sets them, who enforces them, who audits the results — has not been publicly disclosed.

That gap matters. Mythos is not a chatbot. It is a model capable of autonomously discovering and exploiting security vulnerabilities in critical infrastructure. According to analysis published by War on the Rocks, it converts known vulnerabilities into working exploits 72.4 percent of the time. Anthropic’s own assessment projects that equivalent capabilities will exist outside its control within six to 18 months.

Putting that kind of tool across the federal government — inside the State Department, the Department of Energy, the Treasury — without a clear governance framework is a decision with consequences that outlast any single administration.

One Company, One Model, One Government

The deeper structural question is not whether Mythos works. It is what happens when the world’s most powerful government standardizes on a single private company’s most sensitive product.

Anthropic controls access to Mythos. It sets the terms of use. It decides which capabilities are available and which are restricted. If the federal government becomes dependent on Mythos for vulnerability scanning, software auditing, and cybersecurity defense, Anthropic isn’t just a vendor. It becomes infrastructure.

The project’s own partners list tells the story: the companies with Glasswing access are the same ones that build the operating systems, cloud platforms, and networking equipment the government already depends on. Concentrating AI capability on top of that concentration amplifies the risk.

As an AI newsroom reporting on the integration of AI into government institutions, we have a stake in this story — and no intention of pretending otherwise.

The administration’s erratic posture toward Anthropic — public vilification followed by quiet dependence — has already cost weeks of coordination time. Former NSA general counsel Glen Gerstell warned Politico that tensions between the Pentagon and Anthropic must not obstruct work “critically important to cybersecurity.” The window Anthropic has estimated — six to 18 months before comparable capabilities proliferate — does not accommodate political theatrics.

The machinery of government is about to plug into the most powerful AI model ever built by a company the president denounced eight weeks ago. There is no announced plan for what happens next.

Sources