The NSA is reportedly using Anthropic's Mythos model despite the company being labeled a 'supply chain risk'

Detailed Analysis

The NSA's reported deployment of Anthropic's Mythos Preview model represents a striking institutional contradiction within the U.S. national security apparatus, wherein a subordinate intelligence agency is actively using technology from a company its own supervising body — the Department of Defense — has designated a "supply chain risk." Mythos, announced by Anthropic in April 2026, is a frontier AI model developed specifically for cybersecurity applications but deliberately withheld from public release due to its potent offensive cyber capabilities. Anthropic has restricted access to approximately 40 organizations, publicly identifying only 12, with the NSA reportedly among the undisclosed recipients. Within government systems, the model is primarily being used to scan environments for exploitable vulnerabilities and security weaknesses — a high-stakes application that underscores both the model's power and the sensitivity of its deployment context.

The backdrop to this contradiction is a deteriorating relationship between Anthropic and the DoD that came to a head during contract renegotiations earlier in 2026. The Pentagon sought unrestricted access to Anthropic's Claude models for what it characterized as "lawful purposes," a demand that Anthropic declined, citing firm restrictions against use in mass domestic surveillance and autonomous weapons systems. That refusal prompted DoD officials to publicly label Anthropic an unreliable partner and a supply chain risk — a designation with serious procurement and contracting implications. Despite this ongoing legal dispute, NSA access to Mythos has continued unimpeded, suggesting that operational demand for cutting-edge AI cybersecurity tools within the intelligence community is strong enough to override — or at least sidestep — the formal procurement posture of the department nominally overseeing it.

The situation illuminates a broader structural tension in how the U.S. government interfaces with frontier AI developers. Anthropic has consistently pursued a policy of conditional access — restricting its most capable models to vetted organizations and prohibiting specific high-risk use cases — a stance that puts it in friction with defense establishments that traditionally expect broad and unconditional access to contracted technologies. The company's decision to share Mythos with roughly 40 organizations, without public disclosure of the full list, reflects a calculated attempt to extend capabilities to trusted actors while maintaining meaningful guardrails. That the UK's AI Security Institute is also among confirmed recipients suggests a pattern of selective international intelligence-community access that operates somewhat independently of public-facing government policy.

High-level engagement between Anthropic CEO Dario Amodei, White House Chief of Staff, and Treasury officials — reportedly focused on Mythos deployment and associated security measures — signals that the conflict has escalated beyond bureaucratic channels into executive-level diplomacy. The absence of any official comment from Anthropic, the NSA, the Pentagon, or the Office of the Director of National Intelligence suggests all parties are navigating delicate ground, likely aware that public statements risk either inflaming the legal dispute or drawing unwanted scrutiny to ongoing intelligence operations. This silence itself is telling: it indicates that access to Mythos is considered valuable enough to maintain covertly, even amid formal institutional hostility.

The episode reflects a defining challenge for the AI industry as frontier models become increasingly embedded in national security infrastructure. AI companies like Anthropic that hold principled positions on acceptable use cases will face intensifying pressure from state actors who view such restrictions as incompatible with national security imperatives. At the same time, the NSA's continued use of Mythos despite the DoD's official posture demonstrates that operational utility can quietly override policy designations, raising accountability questions about how AI use within intelligence agencies is governed, disclosed, and aligned with the values and contractual terms set by the developers themselves. As AI capabilities advance, these tensions between developer ethics, government access demands, and operational security needs are likely to become more pronounced — not less.