Every major US AI lab is now under government pre-release review. Let that land for a second.
Google DeepMind, Microsoft, and xAI just signed agreements to submit their unreleased AI models for security evaluation through NIST’s Center for AI Standards and Innovation (CAISI) — joining OpenAI and Anthropic, who were already on board. All five frontier labs. Government eyes on the code before it hits your screen.
Six months ago, the Trump administration was actively dismantling AI safety guardrails. So what changed?
One model: Mythos.
Anthropic Built Something Too Dangerous to Ship
In April, Anthropic announced Claude Mythos — a model so devastatingly effective at finding and exploiting cybersecurity vulnerabilities that the company refused to release it publicly. We’re talking zero-day exploits across every major operating system and browser. An AI that can hack essentially anything.
Anthropic locked it behind Project Glasswing, a $100 million restricted access program limited to roughly 50 vetted organizations. The UK’s AI Safety Institute confirmed the model’s capabilities were real. Treasury Secretary Bessent and Fed Chair Powell reportedly convened Wall Street executives to prepare. India’s securities regulator ordered emergency cybersecurity overhauls.
And in Washington, officials who’d spent the previous year rolling back AI regulation suddenly had a very concrete reason to care.
What CAISI Testing Actually Looks Like
CAISI sits within NIST at the Department of Commerce. Originally Biden’s AI Safety Institute, it was restructured under Trump’s commerce secretary Howard Lutnick — but crucially, it survived. Here’s what the agreements cover:
- Pre-deployment evaluation — CAISI gets access to frontier models before public release
- Reduced-safeguard testing — developers provide models with safety guardrails stripped, exposing raw capabilities
- Classified testing environments — evaluations can happen in classified settings for national security assessments
- Cross-government participation — an interagency task force called TRAINS brings experts from across federal agencies
- Post-deployment monitoring — testing continues after release
CAISI has already completed over 40 model evaluations, including unreleased state-of-the-art systems. Director Chris Fall put it plainly: “Independent, rigorous measurement science is essential to understanding frontier AI and its national security implications.”
The Biggest Regulatory U-Turn in Tech History
The political whiplash here is remarkable.
VP Vance gave speeches arguing against heavy-handed AI oversight. The administration repealed Biden-era safety executive orders. The philosophy was clear: let American companies innovate.
Then Mythos happened, and suddenly the same administration is reportedly drafting an executive order to create an AI oversight working group, with tech executives and government officials developing review processes for high-risk models. The White House even considered slapping a “supply chain risk designation” on Anthropic itself — treating a US AI company with the same scrutiny usually reserved for foreign tech threats.
When a deregulation administration builds an oversight framework, the threat is real.
The Industry Is Playing Along — For Now
Microsoft’s Chief Responsible AI Officer said the quiet part out loud: companies can’t conduct “evaluations tied to national security and public safety” on their own. “They require close collaboration between industry and governments with deep technical and security expertise.”
OpenAI is positioning itself as a willing oversight partner. Google signed without public comment. xAI — Musk’s company — didn’t respond to press inquiries at all, which is telling given his vocal opposition to AI regulation.
The subtext is obvious: these companies would rather submit to voluntary testing than risk mandatory regulation. Smart calculus. But it raises the real question.
The Gaps That Should Keep You Up at Night
No published standards. CAISI hasn’t disclosed what it’s actually testing for. Capability assessments are only as good as the threat models behind them.
No enforcement teeth. These are voluntary agreements. If CAISI flags a serious risk, can it block a release? Nothing in the current framework suggests it can.
Open-source blind spot. Meta’s Llama and thousands of open-source projects don’t have corporate entities signing agreements. If oversight only covers the big five, the most dangerous capabilities could proliferate through unregulated channels.
Resource constraints. Georgetown analysts note CAISI simply doesn’t have the manpower, technical staff, or compute to thoroughly test every model. Meanwhile, China already has mandatory pre-release AI review. As Forbes noted, the US is “moving from China’s model to Washington” — but doing it with voluntary handshakes instead of legal mandates.
What This Actually Means
The next ChatGPT, Gemini, or Grok update will have been evaluated by government testers before you see it. Expect slightly longer waits between announcement and availability — but potentially safer products.
More fundamentally, the “move fast and break things” era of AI is over. When Mythos showed that an AI model could compromise essentially any digital system, the old approach of release-first-patch-later became indefensible.
And if Mythos-level capabilities become common — and they will — every organization needs to assume its security will be stress-tested by adversaries wielding superhuman vulnerability discovery. The cybersecurity playbook just got rewritten.
The Beginning, Not the End
Voluntary pre-release testing is a pragmatic first step, not a destination. The White House working group, potential executive orders, and the global scramble to respond to Mythos-class capabilities all point toward much more structured regulation ahead.
The question isn’t whether AI oversight is coming. It’s whether it’ll arrive fast enough to keep pace with the technology.
One thing is clear: the era when frontier AI models could ship without serious government scrutiny is finished. And whatever your position on regulation, that’s probably overdue.