The Senate Armed Services Committee is inserting language into the annual defense authorization bill to establish formal oversight procedures for the Pentagon’s process of designating AI vendors as supply-chain security risks, according to Bloomberg Government. The provision responds directly to the Department of Defense’s controversial decision earlier this year to designate Anthropic as a national security threat.

The Pentagon designated Anthropic as a supply-chain security risk in early 2026, an unprecedented move that triggered a federal lawsuit, a preliminary injunction, and a broader political crisis over how the U.S. government manages its relationship with advanced AI companies. Anthropic called the designation an overreach and sued to block it. U.S. District Judge Rita Lin granted a preliminary injunction in March, calling the Pentagon’s rationale “Orwellian” and saying its actions appeared designed to “cripple” Anthropic.

The Senate provision signals that lawmakers are not fully backing the Pentagon’s approach. Rather than supporting the designation itself, the committee is establishing guardrails around the entire process, requiring clearer procedures before the Defense Department can label an AI vendor as a security risk.

Why Congress Is Stepping In

The Anthropic case exposed a gap: no formal legal framework governed how the Pentagon could designate AI companies as supply-chain threats. The designation was made without established criteria, without a clear appeals process, and without congressional input. That lack of structure allowed the Pentagon to act unilaterally against one of the country’s most prominent AI companies.

The Senate committee’s language aims to close that gap by codifying oversight requirements. The specifics of the provision have not been fully disclosed, but the direction is clear: future designations will need to follow established procedures rather than ad hoc executive action.

Contradictions Across Government

The Senate action arrives during a period of visible incoherence in how the federal government handles Anthropic. While the Pentagon fought to blacklist the company, CISA’s Attack Surface Evaluation team has been actively deploying Anthropic’s Mythos AI model to scan federal software repositories for exploitable vulnerabilities, according to Reuters. One arm of the government treats Anthropic as a threat. Another treats it as critical infrastructure defense tooling.

That contradiction has practical consequences for every AI vendor considering government contracts. If the Pentagon can designate a company as a security risk without formal process, the risk calculus for building government-facing AI products shifts significantly. Enterprise buyers in defense-adjacent sectors have been watching the Anthropic case closely, and several have delayed procurement decisions pending resolution.

The Procurement Signal

For AI companies and enterprise buyers, the Senate committee’s move introduces a measure of predictability. A codified oversight process means the Pentagon cannot unilaterally blacklist an AI vendor without satisfying procedural requirements and facing congressional scrutiny. That reduces, but does not eliminate, the regulatory risk of selling advanced AI systems to the federal government.

The defense authorization bill still needs to pass the full Senate and be reconciled with the House version. The oversight language could be modified, strengthened, or removed during that process. But the committee’s decision to act at all confirms that the Anthropic designation created lasting institutional concern about unchecked executive authority over AI vendor access.