Several U.S. federal agencies and government officials are quietly bypassing President Donald Trump's ban on artificial intelligence startup Anthropic and quietly testing its latest high-risk hacking model "Claude Mythos," causing high concern and unease in the technology and national security circles. This model is known for discovering critical software vulnerabilities that even top security experts have failed to identify. It is regarded as a "double-edged sword" that can both strengthen U.S. cyber defenses and potentially amplify the risk of global cyber attacks.

Staff at at least two large federal agencies have reached out to Anthropic in recent days to express interest in integrating Claude Mythos into their cyber defenses, according to a former senior government technology official familiar with the matter. Another source said that the U.S. Department of Commerce’s Center for Artificial Intelligence Standards and Innovation (CAISI), which is responsible for assessing the risks and opportunities of domestic and overseas AI models, is actively testing the model’s “hacking capabilities” and conducting so-called “red team testing” to assess its potential impact on national security. Meanwhile, staff on at least three relevant committees in Congress have held or requested closed-door briefings over the past week to hear Anthropic's technical explanation of Mythos' network scanning and vulnerability-mining capabilities.

This series of actions takes place against the backdrop of continued pressure from the Trump administration on Anthropic. In February, Trump jointly ordered all federal agencies to stop using Anthropic's technology, along with Defense Secretary Pete Hegseth, after the company's CEO, Dario Amodai, publicly opposed allowing the Pentagon to use its models for autonomous lethal attacks or mass surveillance of U.S. citizens. Subsequently, Hegseth rarely listed Anthropic as a "supply chain risk," which is equivalent to excluding its AI model from the Department of Defense contract system. Some researchers in the field of law and AI bluntly said that it is quite ironic that the US government is trying to block the most cutting-edge local AI security technology suppliers, but at the same time has to circumvent the ban to gain access to its "revolutionary" network security capabilities.

Multiple congressional aides said the White House's blocking of Anthropic effectively prevented the federal government from using the cutting-edge technology to strengthen its own cyber defenses. While adversaries such as Russia and China are competing to develop AI systems with equal or even greater hacking capabilities, the U.S. government network is forced to "tie its hands" due to political conflicts and is unable to fully deploy tools such as Mythos to discover and repair "zero-day vulnerabilities" in its own systems. One congressional aide even described the Pentagon’s move as tantamount to “shooting itself in the foot and pushing away the most powerful AI supplier.”

The White House emphasized in a statement that the Trump administration is still working with multiple AI companies to ensure that relevant models help find and fix critical software vulnerabilities. The statement stated that the government is proactively reaching out to relevant parties across departments and industries to ensure that the United States and its people are protected in this wave of AI-driven cyber attacks and defenses. Meanwhile, Anthropic announced last week that given Mythos' ability to find and exploit undisclosed software flaws, the model is currently only open to testing by a small number of technology and cybersecurity organizations due to security concerns and will not be open to the public for use.

On a legal level, Anthropic's conflict with the U.S. government is also escalating. Last month, the company simultaneously sued the government in two federal courts over the identification of "supply chain risks," resulting in a "split verdict": a federal judge in the Northern District of California temporarily suspended part of the risk identification, while the Federal Court of Appeal for the District of Columbia subsequently upheld the validity of the label for a short period of time. Some legal experts pointed out that if the California court had not issued a stay decision, it might have become more difficult or even completely prohibited for federal agencies to legally contact Mythos, or even conduct test evaluations.

Still, Trump himself has publicly railed against Anthropic and its management. In February of this year, he posted on social media, calling the head of the company a "left-wing lunatic" because he firmly opposed the use of his own tools for large-scale domestic surveillance and autonomous lethal strikes on American citizens. A former senior national security official said that this series of public remarks had a "chilling effect", making many federal agencies increasingly cautious when contacting Anthropic and considering using its model to strengthen their own network security, fearing that large-scale investment of manpower and funds would be regarded as violating the presidential directive.

Despite the tension, concern about Mythos' potential national security implications is rising within the Trump administration. People familiar with the matter revealed that CAISI, which is affiliated with the National Institute of Standards and Technology (NIST), had begun testing the "hacking skills" of Mythos long before Anthropic officially announced it. Researchers are using red team methods to simulate actual attack and defense scenarios and conduct capabilities and risk assessments on Mythos to determine how it may change the future network warfare landscape. NIST did not comment on the specific details of its collaboration with Anthropic, but Anthropic confirmed that it has provided Mythos to the government for independent testing and technical evaluation.

In addition to CAISI, the Treasury Department’s information technology team was also exposed as trying to use Mythos to scan and fix unknown system vulnerabilities in the Treasury network. At the same time, the Ministry of Defense is using the Anthropic model to complete the switch to "better, more patriotic services" within a six-month transition period in accordance with the initial instructions previously issued by Hegseth on the social platform X. In theory, intelligence and national security agencies can obtain exemptions under a highly confidential framework and continue to cooperate with Anthropic; but recent public statements by senior CIA officials show that the intelligence community's distrust of the company is also deepening.

CIA Deputy Director Michael Ellis said in a speech recently that the CIA "will not allow private companies to determine when and how the agency can legally use its technology." He emphasized that national security agencies must retain the final decision-making power on key technology application scenarios and not be "hijacked" by the suppliers' own ethical boundaries. In the view of some former national security officials, if the tension between the Pentagon and Anthropic continues to worsen, the United States may fall into a more passive situation in the next two years. By then, AI models with hacker-like capabilities will be widely available, and the scale of global cyber attacks may usher in an "avalanche" growth, but the United States may not be fully prepared for this.

Glenn Gerstel, a former NSA general counsel, noted that he "very much hopes that the current tensions between the Pentagon and Anthropic will not prevent the proper and secure use of a technology that may be critical to cybersecurity." In his view, how to find a balance between political games, business ethics and national security interests will determine the United States’ position in the next wave of AI-led cyber warfare competition.