NSA Reportedly Uses Anthropic’s Muse Preview Despite Pentagon Supply‑Chain Warning
Axios reports NSA use of Anthropic’s Muse Preview despite Pentagon supply‑chain warnings, raising cyber risk concerns and prompting renewed federal talks.
The U.S. National Security Agency has been reported to use Anthropic’s Muse Preview internally, according to Axios, even as the Department of Defense has flagged the company as a supply‑chain risk. Anthropic’s Muse Preview — described by the company as highly capable at coding and assistant tasks — is now at the center of government scrutiny. Officials and experts say its advanced programming abilities could both accelerate defensive work and create novel avenues for cyber exploitation.
NSA reported use of Anthropic’s Muse Preview
Axios sources told reporters that Muse Preview is in use across parts of the NSA, with a wider deployment inside the department than had been publicly disclosed. The report suggests the agency has been experimenting with the model for tasks that include code generation and automation of analyst workflows. Officials did not release details on the scale or specific programs that are using the tool.
The apparent discrepancy between classified procurement decisions and public risk designations raises questions about how federal agencies reconcile operational needs with assessed supplier vulnerabilities. The NSA has historically used a mix of in‑house and commercial tools to augment capabilities, and the adoption of a model like Muse Preview fits that pattern. At the same time, the choice has drawn fresh attention because of the Pentagon’s earlier public stance.
Pentagon designates Anthropic a supply‑chain risk
Earlier this year the Department of Defense classified Anthropic as posing a supply‑chain risk, a designation that signals concern about how the company’s products could affect military systems and data integrity. That label reflected a broader review of foreign and domestic suppliers following incidents in which software and hardware vulnerabilities were used to compromise sensitive networks. The Pentagon’s move limited some forms of direct procurement and prompted internal guidance on the use of certain third‑party models.
The designation does not necessarily prohibit all agencies from using Anthropic products, but it does require additional oversight, mitigations and approvals for integration into critical systems. The tension between capability and risk has prompted internal debates across agencies about the conditions under which an advanced model should be used. Those debates have intensified as the capabilities of models like Muse Preview become better understood.
White House and Anthropic resume discussions
Sources cited by Axios say the White House held discussions with Anthropic’s chief executive in recent days, marking the first direct engagement since the dispute between the Pentagon and the company surfaced earlier this year. The talks are described as efforts to clarify operational safeguards and to explore controlled collaborations that might allow federal agencies to benefit from capabilities while limiting exposure. Administration officials have framed the conversations as part of a broader push to establish guardrails for powerful AI tools.
Officials said the renewed engagement reflects the practical pressure on government agencies to access advanced AI for both offensive and defensive national security missions. The discussions also underscore competing priorities: the need to modernize federal technology stacks and the imperative to mitigate risks to critical infrastructure and classified information. Participants emphasized that any arrangement would include strict oversight.
Anthropic describes Muse Preview’s coding and assistant strengths
Anthropic has characterized Muse Preview as its most capable model to date for programming and assistant‑style tasks, highlighting its ability to generate, explain and refactor code. Company statements referenced the model’s capacity to perform autonomous assistant functions, which can streamline technical workflows and support rapid prototyping. For defenders, those capabilities could accelerate vulnerability discovery and remediation when used responsibly.
At the same time, Anthropic acknowledged the need for safeguards and promoted technical measures intended to limit misuse, such as access controls, monitoring and model‑level guardrails. The company has emphasized responsible deployment and third‑party audits in public remarks, and it has said it is open to government collaboration to align commercial development with national security needs. Observers caution, however, that statements about safeguards require independent verification.
Cybersecurity experts warn of increased exploit risk
Security researchers and former intelligence officials interviewed after the Axios report warned that a model with advanced coding capabilities could help identify previously unknown weaknesses. The concern is not merely theoretical: sophisticated code‑generation models can rapidly enumerate attack vectors, draft exploit code and suggest ways to chain vulnerabilities into effective campaigns. That capacity, if accessed by a malicious actor or poorly governed program, could raise the pace and scale of cyberattacks.
Experts urged strict limitations on how models like Muse Preview are used inside sensitive environments, recommending practices such as compartmentalized access, human‑in‑the‑loop review, red‑teaming and continuous monitoring. They also highlighted the importance of independent security evaluations and shared threat intelligence to detect and mitigate misuse. Some suggested that agencies should prefer vetted, internally hosted instances with constrained capabilities over open access to high‑capacity models.
Implications for federal AI governance and procurement
The situation illustrates a growing policy challenge for U.S. national security bodies: how to harness cutting‑edge AI while preserving system integrity and supply‑chain resilience. Agencies must balance operational advantages against the long‑term risks of dependence on external vendors with contentious risk profiles. Lawmakers and procurement officials may respond by tightening certification requirements, expanding vendor risk assessments and requiring demonstrable mitigations before broad deployment.
The episode may also accelerate efforts to build domestic capacity for high‑assurance models that meet strict security criteria. Advocates argue that investment in secure, auditable systems would reduce reliance on potentially risky suppliers and better align tools with national defense needs. Others counter that excluding commercial innovation could slow modernization and deprive agencies of urgently needed capabilities.
The debate over Anthropic’s Muse Preview underscores a broader dilemma for governments worldwide: adopting powerful AI tools offers clear operational gains, but it also demands new standards of oversight, testing and accountability to prevent those same tools from becoming a vector for harm.
