The US Cybersecurity and Infrastructure Security Agency is deploying Anthropic’s Mythos AI model to scan government software repositories for exploitable vulnerabilities, according to Reuters, as reported by the Times of India. CISA’s Attack Surface Evaluation team is using the model to identify bugs that could expose federal systems to foreign intelligence services or cybercriminals. The scans have already uncovered a significant number of vulnerabilities, though severity details remain undisclosed.
The deployment marks one of the most concrete examples of autonomous AI agents operating in production for US government cybersecurity.
The Policy Contradiction
CISA’s adoption creates a visible split within the federal government’s relationship with Anthropic. Earlier in 2026, the Pentagon attempted to label Anthropic a “supply-chain risk” after the company refused to remove safeguards preventing its AI from being used for autonomous weapons or domestic surveillance. A judge blocked the designation.
Despite that standoff, federal agencies have continued adopting Anthropic’s tools. The NSA has been testing Mythos since April, with analysts reportedly impressed by its cybersecurity capabilities, according to the Times of India.
The Fable Shutdown
The tensions extend beyond the Pentagon. When Anthropic released a public version of Mythos called Fable, the White House demanded that foreign users be banned, triggering a temporary global shutdown of the model, the Times of India reported. Access was restored only last week.
The Amodei-Michael Emails
Court documents unsealed this week reveal the correspondence that preceded the breakdown. Emails between Anthropic CEO Dario Amodei and Emil Michael, the undersecretary of defense for research and engineering, were first reported by The Wall Street Journal and released as part of Anthropic’s ongoing litigation against the Department of Defense, per the Times of India.
The correspondence, spanning January and February 2026, shows Amodei holding firm on two conditions: no fully autonomous weapons and no domestic mass surveillance. In a January 15 email, Amodei wrote that these boundaries set “important guardrails against using powerful AI to spy on Americans, without blocking legitimate foreign intelligence work.” The Pentagon pushed for language covering “all lawful uses,” a phrase that would leave significantly more room for interpretation.
Fragmented AI Governance
The CISA deployment illustrates a recurring pattern in federal AI adoption: different agencies making independent procurement and deployment decisions while the executive branch and Congress debate overarching policy. CISA is operationalizing Claude-powered agents for critical infrastructure security at the same time the White House is restricting Anthropic’s ability to serve international users and the Pentagon is contesting the company’s safety boundaries.
For agent builders watching federal adoption as a market signal, the takeaway is that production-grade agent deployments are happening in government cybersecurity regardless of the policy debates happening above them.