Roughly 200 organizations enrolled in Anthropic’s Project Glasswing, a vulnerability research consortium, still have access to Mythos Preview despite the June 16 U.S. export control order that blocked public access to Fable 5 and Mythos 5, Bloomberg reported on Thursday. For agent developers building infrastructure on Anthropic models, the carveout introduces a new fragmentation risk: some teams can access the most capable model, others cannot, and the line between the two is a government-managed research consortium.

Project Glasswing’s Expanding Reach

Anthropic began rolling out Mythos Preview to select organizations months before the export controls took effect. The program, dubbed Project Glasswing, has since expanded to partners across industry and other nations, according to Nextgov/FCW. The model was distributed through a non-public process based on the rationale that, in the wrong hands, it could significantly boost adversaries’ hacking capabilities, Nextgov/FCW reported.

The Cybersecurity and Infrastructure Security Agency (CISA) also gained full Mythos Preview access around June 10, a U.S. official told Nextgov/FCW. CISA was not included in the initial Mythos rollout, according to an earlier Axios report. The White House Office of the National Cyber Director has not yet set clear parameters for how the agency should use the model, the official added.

Export Control Fallout Continues

The Glasswing carveout adds another layer to a week of escalating export control developments. Commerce Secretary Howard Lutnick’s June 16 letter threatened criminal and civil penalties if Anthropic granted foreign nationals access to advanced models without government permission. JPMorgan Chase subsequently restricted employee access to Claude models in Hong Kong. The White House and Anthropic shifted negotiations toward developing a shared framework for assessing AI security vulnerabilities and jailbreaks. Legal scholars have challenged whether the administration’s use of export control authority exceeds its statutory mandate.

The net result is a model access landscape fractured along regulatory lines. Project Glasswing members, CISA, and approved defense partners can access Mythos Preview for vulnerability research. Commercial API users, enterprise customers in certain geographies, and agent developers outside the consortium cannot.

The Vendor Risk Calculation for Agent Infrastructure

For teams building autonomous agents, security testing pipelines, or production workflows on Anthropic’s most capable models, the two-tier system introduces a vendor risk that competing model providers do not currently impose. Agent developers planning infrastructure around Mythos capabilities now need to evaluate whether their access tier is durable. Organizations inside Project Glasswing have a clear answer. Everyone else faces uncertainty about whether their Anthropic access will survive the next government action, and whether the governance parameters for even privileged access tiers will be defined before they build.