Two moves in the same week. Anthropic made vulnerability data from its Mythos model more accessible to the broader security community. Then it challenged the federal government’s effort to restrict Anthropic’s access to defense contracts entirely.
The policy shift applies to Project Glasswing, Anthropic’s restricted-access program covering approximately 50 enterprise and government partners. Under the original terms, an NDA prevented partners from sharing detected software vulnerabilities with anyone outside the closed circle. According to reporting by Computing UK, the amended policy now permits partner organizations to share vulnerability data with third-party security teams, open-source maintainers, and the public. Critics of the original policy had argued that restricting vulnerability information to a small set of large technology firms, including Amazon, Apple, Microsoft, and Nvidia, left smaller enterprises without timely protection.
The Pentagon dispute is distinct. The Department of Defense classified Anthropic as a supply chain risk, per Digital Watch Geneva and legal analysis from Stephenson Harwood. Anthropic was given approximately 30 days to appeal that classification before the designation takes full legal effect. Rather than accepting the timeline, Anthropic initiated a legal challenge against the DoD. The specific grounds for the supply chain risk designation haven’t been publicly confirmed. Legal analysis suggests the dispute involves alignment between Anthropic’s internal safety policies and government operational requirements, but that characterization is an inference, not a public finding.
The friction with the Pentagon isn’t new. TJS previously reported on the Anthropic-Pentagon tension over safety policy application in federal contracting contexts. What’s new is that Anthropic has escalated from friction to litigation.
These two moves define Anthropic’s current governance posture precisely. More openness toward the public security community. More resistance to government demands to modify internal safety constraints. The company is simultaneously expanding access to vulnerability data and litigating to preserve the safety policy framework that the Pentagon reportedly wants changed. Those aren’t contradictory positions; they reflect a consistent principle about who Anthropic thinks should govern model behavior, and it isn’t the DoD.
Unanswered Questions
- What does a DoD supply chain risk designation mean for existing Anthropic federal contracts in practice?
- If Anthropic's legal challenge fails, does the designation affect commercial (non-federal) Anthropic product access for critical infrastructure operators?
- What's the timeline for Anthropic's legal challenge, and at what point does a compliance team need to activate a contingency vendor plan?
The real question for compliance teams using Anthropic products for critical infrastructure applications is what the supply chain risk designation means in practice for federal procurement pathways, and whether Anthropic’s legal challenge is likely to succeed fast enough to preserve those pathways. A supply chain risk designation from the DoD affects federal contract eligibility. The appeal window is approximately 30 days. Anthropic’s choice to litigate rather than appeal suggests it doesn’t expect to win inside the DoD’s own process. Don’t expect a fast resolution.