Skydagger — skydagger.com

US Cyber Defense Agency Audits Government Software Using Anthropic AI Model

The U.S. Cybersecurity and Infrastructure Security Agency is actively utilizing Anthropic’s Mythos artificial intelligence model to scan federal software repositories. The deployment proceeds despite recent regulatory standoffs between the AI developer and the White House.

July 07, 2026 Ahmet Koçak

Cover Image

Anthropic logo, March 1, 2026 - Reuters

The U.S. Cybersecurity and Infrastructure Security Agency is actively utilizing Anthropic’s Mythos artificial intelligence model to audit federal software repositories.

This deployment demonstrates continued federal integration of the start-up’s technology, proceeding despite recent administrative disputes between the company and the White House.

The scanning initiative aims to identify structural flaws that could be exploited by foreign intelligence operations or independent cybercriminals, according to Reuters.

Auditing Operations

The internal reviews are managed by the Attack Surface Evaluation team at CISA. This specialized unit routinely conducts digital security assessments and coordinates penetration testing across federal departments.

Personnel familiar with the matter indicated on Monday that the AI-driven scans have already identified multiple vulnerabilities.

Information regarding the specific severity of these flaws remains undisclosed.

The total volume of federal code subjected to the Mythos model is currently unspecified.

Representatives for Anthropic declined to comment on the auditing program. CISA officials previously indicated they would review the matter for public disclosure, but have not provided subsequent updates.

Regulatory Friction

Anthropic recently executed a confidential filing for a U.S. initial public offering. The company experienced significant friction with federal authorities earlier this year.

In February, the developer declined requests to eliminate internal protocols that restricted its AI from being used in autonomous weapons applications and domestic surveillance operations.

The Department of Defense subsequently issued a formal supply-chain risk designation against the firm.

This classification is typically reserved for foreign entities suspected of facilitating espionage. A federal judge formally blocked the Pentagon’s blacklisting order in March.

Intelligence Agency Deployment

Tensions subsided after Anthropic released a private iteration of the Mythos model, which specializes in detecting and exploiting cybersecurity vulnerabilities.

The National Security Agency began operating Mythos in April during the active blacklist period. Analysts at the NSA tested the model within classified environments and reported significant technical proficiency.

Anthropic later launched Fable, a public variant of the Mythos architecture containing integrated security constraints.

The White House immediately mandated that the company restrict foreign nationals' access to the platform.

This directive forced a global suspension of the Fable model, which was only rescinded last week.