Detailed Analysis
The National Security Agency has been confirmed to be actively deploying Anthropic's most advanced AI model, Claude Mythos Preview, even as the broader Pentagon has classified Anthropic as a "supply chain risk" and moved to sever formal ties with the company beginning in February 2026. Two independent sources verified the NSA's use of the model, with at least one indicating that deployment extends beyond the NSA to other components within the Department of Defense. The primary application centers on scanning systems for security vulnerabilities — consistent with how other authorized users of Mythos are known to employ the tool. This creates a striking institutional contradiction: the DoD, which oversees the NSA, is simultaneously pursuing legal proceedings alleging Anthropic's tools threaten U.S. national security while one of its premier intelligence agencies quietly relies on those same tools for cybersecurity operations.
Anthropic has taken an unusually restrictive approach to Mythos distribution, limiting access to approximately 40 organizations worldwide due to what the company describes as the model's "offensive cyber functionalities." Of those organizations, Anthropic has publicly named only 12, with the NSA among those granted access under a non-disclosed arrangement. The UK's intelligence and security apparatus gains access through its AI Security Institute, suggesting a coordinated but carefully controlled allied-nation framework. On April 18, 2026, Anthropic CEO Dario Amodei met directly with White House Chief of Staff and Treasury Secretary Scott Bessent to discuss Mythos's role in government operations, applicable security protocols, and a pathway forward for non-Pentagon federal departments — a meeting that signals Anthropic is actively working to formalize and expand its government relationships even as the DoD ban remains in effect.
The situation exposes a deep structural tension in U.S. federal AI governance: procurement policy and operational necessity are operating on entirely separate tracks. The Pentagon's designation of Anthropic as a supply chain risk appears rooted in procurement and legal risk frameworks, while front-line intelligence and cybersecurity professionals are making independent operational judgments that the technology's capabilities outweigh those institutional concerns. This is not unprecedented in the history of dual-use technologies within the defense community, where classified operational requirements have frequently diverged from official policy positions, but the public visibility of this particular contradiction is unusual and politically significant.
More broadly, the Mythos situation reflects the accelerating integration of frontier AI into national security infrastructure at a pace that outstrips the policy and regulatory frameworks designed to govern it. Anthropic occupies an unusual position among major AI developers in having built a model powerful enough that even adversarial government relationships cannot fully dislodge its operational deployment. The "offensive cyber functionalities" language used to justify Mythos's restricted access list also signals that Anthropic is explicitly acknowledging dual-use risk in its most capable models — a rare instance of a leading AI lab formally embedding that risk calculus into its distribution architecture. Whether the White House-level engagement initiated by the Amodei meeting will resolve or further complicate the DoD's official posture toward Anthropic remains an open question, but the outcome will likely set a significant precedent for how the U.S. government manages its relationships with frontier AI developers whose capabilities it simultaneously fears and depends upon.
Read original article →