The AI Model the Government Can’t Take Away

June 21, 2026

A few weeks ago, the U.S. government effectively export-controlled a chatbot.

Read that sentence again.

Not missile guidance software. Not uranium enrichment technology. A commercial AI model.

On June 13, 2026, the Commerce Department ordered Anthropic to block all foreign nationals from accessing Claude Fable 5 and Mythos 5. Not just customers. Foreign-born employees too.

Anthropic couldn’t realistically enforce that requirement, so they took the safest route available: they shut the models off for everyone.

Days after launch, arguably the most capable commercial AI model in the world disappeared behind a government directive.

That should make every developer pause.

The “dangerous” capability

The story gets stranger.

According to reports, Amazon security researchers found a way to get Fable 5 to produce information that could be useful for cyberattacks. That finding eventually made its way to Treasury Secretary Scott Bessent, then Commerce Secretary Howard Lutnick, and shortly afterward Anthropic received its directive.

Sounds serious.

Then security researcher Katie Moussouris reviewed the report.

The “jailbreak” was feeding the model open-source code with known vulnerabilities and asking it to fix them.

That’s it.

The model wasn’t generating malware. It wasn’t designing exploits. Researchers were literally asking it to identify vulnerabilities, patch them, and validate the fix.

You know, the thing security teams do all day.

Apparently we’ve reached the point where “find bug, fix bug” is considered dangerous enough to warrant federal attention.

The problem nobody wants to talk about

Whether you agree with the government’s decision isn’t actually the interesting part.

The interesting part is how easily it happened.

One letter.

One directive.

One compliance decision.

And a tool used by millions of developers vanished overnight.

That’s the risk people accept every time they build critical workflows around a hosted AI service.

You don’t own the model.

You rent access to it.

The provider owns the infrastructure. The provider owns the policies. The provider answers to regulators, lawyers, investors, and governments.

You just get an API key.

Until you don’t.

Open source suddenly looks a lot less ideological

For years, debates about open-source AI felt philosophical.

Should models be open?

Should weights be released?

Should everything run locally?

Now it’s becoming a practical question.

If a model runs on somebody else’s servers, you’re trusting every decision-maker between you and that model. Product managers. Compliance teams. Lawyers. Regulators. Politicians.

Maybe that’s fine.

But let’s stop pretending it’s the same thing as owning the capability.

When a model runs on your hardware, there isn’t a kill switch.

No emergency compliance meeting.

No Friday afternoon policy change.

No email informing you that your access has been revoked because of a geopolitical argument happening 5,000 miles away.

That’s not an argument for bad actors. It’s the same reason people self-host password managers, maintain backups, and keep critical infrastructure under their own control.

Resilience matters.

The unintended consequence

The most fascinating part of this whole story is what happened next.

Within days, competitors started positioning themselves around a simple message:

“Our model can’t be turned off by Washington.”

That’s not exactly the marketing campaign U.S. AI companies want to inspire.

The rest of the world isn’t looking at this situation and concluding that American AI is safer.

They’re concluding that access to American AI is conditional.

That’s a very different message.

Why I built Offline Assist

This is one of the reasons I built Offline Assist.

Not because I think cloud AI is going away.

Not because I think every developer should run models locally.

But because developers should have a choice.

Offline Assist is an open-source Copilot alternative for VS Code that runs entirely on infrastructure you control.

No API dependency.

No cloud requirement.

No central service that can decide you’re no longer allowed to use the tool you’ve integrated into your workflow.

Install it. Connect it to the model you want. Keep using it.

The events of the last few weeks didn’t convince me cloud AI is bad.

They reminded me that ownership still matters.

And when a government can effectively switch off a state-of-the-art AI model with a letter, having a local fallback suddenly doesn’t sound paranoid.

It sounds responsible.