16APR

Anthropic drops ASL, expands Glasswing partners

3 min read

13:29UTC

Anthropic's 244-page Alignment Risk Update for Claude Mythos Preview abandoned the AI Safety Level capability threshold framework for autonomy-focused threat models, and added Broadcom, CrowdStrike, NVIDIA, Palo Alto Networks and Cisco to the Glasswing partner list.

← Back to Three federal surveys, one 34-to-1 gap Jump to analysis ↓

EconomicDeveloping

Key takeaway

Anthropic replaced capability thresholds with autonomy-focused risk measurement, forcing Glasswing partners to rebuild their internal frameworks during live deployment.

Anthropic published a 244-page Alignment Risk Update for Claude Mythos Preview on 7 April 2026, formally abandoning its AI Safety Level (ASL) capability-threshold framework in favour of autonomy-focused threat models. The same update expanded Project Glasswing to add Broadcom, CrowdStrike, Nvidia, Palo Alto Networks and Cisco alongside the original twelve founding partners announced on 8 April . The Glasswing Programme is backed by $100 million in model usage credits, distributing restricted Mythos access to selected partner organisations under coordinated-disclosure terms.

The ASL framework classified risk by capability thresholds: a model crossed a line when it demonstrated a specified skill, and escalating mitigations followed. Its autonomy-focused replacement measures risk by sustained multi-step execution, aligning with the attack-chaining dimension AISI separately confirmed. All Glasswing partners therefore have to rewrite the internal risk frameworks they were running under ASL, mid-deployment, during live coordinated disclosure.

The update discloses that over 99% of the vulnerabilities Mythos discovered during its vulnerability research programme remain unpatched, with coordinated disclosure still in progress. For the Glasswing partners, that means the security posture of the operating systems and browsers their staff use daily is currently weaker than it was before Mythos began running, because Mythos has a list of undisclosed paths into software they all depend on. CrowdStrike and Palo Alto Networks, newly added as of 7 April, are among the security vendors most directly affected by that exposure.

The methodology shift also changes what frontier AI risk governance looks like. Capability thresholds produced discrete pass/fail tests that could be regulated; autonomy thresholds require ongoing observation of how a model behaves across time and tasks, which is closer to financial-market supervision than to product certification. The Bank of England's April directive to the FCA on agentic AI in payments, carried elsewhere in this update, proceeds from the same premise.

Deep Analysis

In plain English

Anthropic published a 244-page document about the risks of its most advanced AI, Mythos, and at the same time changed how it assesses those risks; scrapping a system based on specific measurable capabilities in favour of a broader focus on the AI's ability to act autonomously. The document also revealed that over 99% of the security vulnerabilities Mythos discovered in real software are still unfixed. Anthropic also expanded the list of companies with access to Mythos to include chip maker Broadcom and security firm CrowdStrike, among others.

Deep Analysis

Root Causes

The 99%-unpatched vulnerability figure is a structural consequence of coordinated disclosure norms that were designed for vulnerabilities in known software products, not for an AI model capable of discovering novel vulnerability classes at scale.

Standard coordinated disclosure gives vendors 90 days to patch before public release. Mythos appears to have discovered vulnerabilities faster than the vendor-patch cycle can absorb; a structural mismatch between the speed of AI-driven discovery and the speed of human-driven remediation.

The Glasswing expansion to include Broadcom, CrowdStrike, NVIDIA, Palo Alto Networks and Cisco alongside the original twelve partners concentrates privileged access to a model with confirmed unpatched vulnerability knowledge inside exactly the firms whose products contain those vulnerabilities.

This is not necessarily imprudent (coordinated disclosure requires giving the affected party the information) but it means the security perimeter for the unpatched vulnerability set is now co-extensive with the Glasswing partner list.

Source Landscape

This story draws on centre-left-leaning sources from United States

United States

Primary parallel: The US Nuclear Regulatory Commission's 1979 transition from threshold-based reactor safety standards to probabilistic risk assessment (PRA) after Three Mile Island followed the same logic: discrete threshold frameworks could not capture the compound probability of multiple simultaneous failure modes.

PRA improved risk modelling but also made regulatory compliance harder to verify externally, since probabilistic models require the agency to accept the operator's own failure-mode assumptions. Anthropic's shift from ASL to autonomy threat modelling replicates this methodological transition in a domain with no equivalent external verification capability.

Counter-parallel: The pharmaceutical industry's shift from single-compound toxicity thresholds to systems pharmacology in the 2010s; which modelled drug interactions as emergent system properties rather than additive discrete effects; took twelve years to produce validated external evaluation frameworks. AI autonomy risk may face a similar lag between methodology adoption and external verification capacity.

Consensus view: The Centre for AI Safety (CAIS) in San Francisco has argued that capability-threshold frameworks like ASL (where specific measured capabilities trigger specific safety requirements) are fundamentally fragile because emergent capabilities appear unpredictably at model scale. Anthropic's abandonment of ASL thresholds in favour of autonomy-focused threat modelling is, by CAIS's own framework, the correct structural response to the Mythos capability profile.

Counter-view: Yoshua Bengio's International AI Safety Report (published January 2026, co-authored by researchers from 30 countries) argued that scrapping threshold frameworks without replacing them with independently verified autonomy metrics creates a regulatory vacuum: companies self-certify their autonomy risk models without external benchmarks. Anthropic's 244-page system card is produced by Anthropic, not by a body with enforcement authority.

Key tension: Whether the ASL abandonment represents a genuine safety improvement (because autonomy-focused models better capture the actual risk) or a regulatory convenience; because autonomy risk is harder to externally measure than the discrete capability thresholds ASL specified.

Sources:Axios·Challenger, Gray & Christmas

Mentions:Anthropic →Claude Mythos Preview →Project Glasswing →AI Safety Level →Broadcom →CrowdStrike →Palo Alto Networks →Meta →Nvidia →Bank of England →UK AI Security Institute →Financial Conduct Authority →

First Reported In

Update #6 · Three federal surveys, one 34-to-1 gap

Axios· 16 Apr 2026

Read original →

Causes and effects

Caused by

Anthropic withholds Mythos from public release

Anthropic's 7 April system card and Glasswing expansion directly extended the Glasswing programme launched on 8 April with the original twelve partners.

Occurred 8 Apr 2026

Read story →

This Event

Anthropic drops ASL, expands Glasswing partners

A methodology shift that forces all Glasswing partners to rebuild their internal risk frameworks mid-deployment, while over 99% of Mythos-discovered vulnerabilities remain unpatched during coordinated disclosure.

Different Perspectives

TSMC and Taiwan chip supply chain

Nvidia's 17% headcount growth to 42,000 on $81.6 billion in quarterly revenue depends on TSMC's CoWoS advanced packaging capacity constraining H100 and B200 supply, sustaining margins above 70%. The AI build-out's sole headcount-growth story runs through a Taiwan supply chain that has no parallel in downstream software.

Displaced tech workers globally

CrowdStrike's SEC disclosure puts AI attribution on a material regulatory record for the first time, but Oracle's Massachusetts WARN clock expired unfiled after up to 14 workers were logged as remote despite office proximity. The legal apparatus cannot enforce what it cannot see: hybrid reclassification, GCC transfers, and hires never made.

UK workforce and policymakers

ONS recorded UK vacancies at 705,000, below the pre-pandemic baseline for the first time, as payrolled employment fell 210,000 year on year with real wage growth at 0.1%. The Bank of England's AI worst case assumed 500,000 additional unemployed from a baseline above 730,000; the UK is already below that floor, and ONS still publishes no AI-exposure breakdown.

India IT workforce and graduates

NASSCOM's FY2026 data shows net sector growth of 140,000, but entry-level hiring fell 20-25% as the growth concentrated in in-house GCC offices requiring mid-career specialists. Indian graduates who previously entered through TCS, Infosys and Wipro fresher programmes find that channel closing at both ends: outsourcers cutting and GCCs not hiring at the junior level.

IG Metall and European trade unions

European labour bodies see the market reward pattern, cuts on record revenue, as investor preference for short-term margin extraction over validated AI productivity. They note the EU Digital Omnibus provisional deal has dropped binding employer AI-literacy obligations at the precise moment the ILO-NASK index has quantified that 3.3% of global workers are in the highest AI exposure category.

Federal Reserve Board

Governor Cook told Stanford's SIEPR on 27 May that speculative-grade software bond spreads have widened on AI-disruption concern, moving AI displacement from a labour observation into the Fed's financial-stability mandate. The Fed cannot resolve structural labour transformation through rate policy, so Cook routed the concern through the one channel the Fed does control.