Opinion: The Anthropic Dispute Is Not Really About Anthropic. It’s About Trust.

When the US government effectively forced Anthropic to suspend access to some of its newest AI models over security concerns (Fable 5, Mythos 5), much of the debate immediately split into familiar camps. One side saw government overreach. The other saw a necessary intervention against potentially dangerous technology. Both sides may be missing the more important lesson.

We know that the U.S. government has not publicly identified a specific statute or section of law that it relied on. While it could potentially reference the Export Control Reform Act (ECRA) as a legal framework, it has not publicly done so yet. So, is it a “misunderstanding”, as Anthropic’s public statement said the company believed it to be? What has been disclosed is that the action was taken under export-control authorities and framed as a national security measure.

Are any of us ready for the future?

Behind the legalities and compliance discussions, the real story is not whether Anthropic was right or wrong. It is whether the AI industry is prepared for a future in which provenance, vigilance, and safeguards become as important as model performance.

For years, the AI race has been measured in benchmarks, context windows, reasoning scores, and coding capabilities. The conversation has focused on what models can do. Increasingly, the question regulators, enterprises, and security teams are asking is something else entirely: how do we know what a model did, why it did it, and whether it should have been allowed to do it in the first place?

According to reports, US officials became concerned that Anthropic’s latest models could be jailbroken or used to identify and exploit software vulnerabilities. Anthropic disputed the severity and uniqueness of those risks, noting that many advanced models possess similar capabilities. Even so, the company ultimately disabled access to the affected systems while the dispute unfolded. Whether those specific concerns prove justified is almost secondary.

The more important reality is that we are entering an era where AI systems are increasingly trusted with consequential tasks. They write production code. They analyze legal documents. They assist with medical research. They are being evaluated for use in government, intelligence, defense, and critical infrastructure environments.

Trust can’t be built on capability alone

Consider the software supply chain. Modern organizations have spent two decades learning that visibility matters as much as functionality. That is why software bills of materials became important. That is why code signing became standard. That is why organizations increasingly require provenance information for open source dependencies. Nobody asks whether a package works. They ask where it came from, who modified it, and whether it can be trusted. AI is heading in exactly the same direction.

A model that can generate brilliant code but can’t explain its reasoning trail presents a governance challenge. A model that can autonomously call tools, access repositories, and interact with production systems without robust oversight introduces new attack surfaces. Recent academic research has highlighted how agentic AI systems can be manipulated through memory poisoning and other architectural weaknesses, creating outcomes that appear legitimate while hiding compromised behavior.

This is why provenance matters.

Organizations need to know which model generated a piece of code, which prompts were used, what external tools were called, what information sources were accessed, and what guardrails were active at the time. The future will not be won by the company with the smartest model. It will be won by the company that can prove how that model behaved. The software industry has already seen what happens when provenance is ignored.

The SolarWinds attack demonstrated how trusted software updates could become a vehicle for compromise. The Log4Shell vulnerability showed how a widely used component could become a systemic risk across thousands of organizations. More recently, the rise of malicious open-source packages has highlighted how attackers exploit trust assumptions rather than technical weaknesses alone. AI introduces similar dynamics at a much larger scale.

If developers increasingly rely on AI-generated code, then questions about provenance become urgent. Research published this year found that all seven evaluated LLMs generated vulnerable code, with many vulnerabilities classified as having high or critical severity.

The lesson is not that AI-generated code is inherently unsafe. The lesson is that AI-generated code should be treated like any other artifact entering a software supply chain. It requires inspection. It requires policy enforcement. It requires traceability. Most importantly, it requires verification. That brings us to vigilance.
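As an added illustration (not code from the author or from Qodana), the sketch below binds the provenance details listed above to the exact bytes of a generated file and checks them at a merge gate. The field names, the `attest` and `gate` functions, and the guardrail labels are assumptions made for this example, and the HMAC stands in for the asymmetric signature a real code-signing setup would use.

```python
import hashlib
import hmac
import json

# Field names are assumptions that mirror the article's list of what to record.
REQUIRED = ("model", "prompt_sha256", "tools_called",
            "sources_accessed", "guardrails", "artifact_sha256")

def _sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def _tag(record: dict, key: bytes) -> str:
    # Canonical JSON so the same record always yields the same MAC.
    body = json.dumps(record, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()

def attest(code: bytes, key: bytes, model: str, prompt: str,
           tools_called: list, sources_accessed: list, guardrails: list) -> dict:
    """Produce a provenance record bound to the exact bytes that were generated."""
    record = {
        "model": model,
        "prompt_sha256": _sha256(prompt.encode()),  # hash, not the raw prompt
        "tools_called": tools_called,
        "sources_accessed": sources_accessed,
        "guardrails": guardrails,
        "artifact_sha256": _sha256(code),
    }
    return {"record": record, "hmac_sha256": _tag(record, key)}

def gate(code: bytes, attestation, key: bytes,
         allowed_models: set, required_guardrails: set) -> list:
    """Return policy violations; an empty list means the artifact may proceed."""
    if not attestation:
        return ["no provenance attestation"]
    record = attestation.get("record") or {}
    supplied = str(attestation.get("hmac_sha256", ""))
    if not hmac.compare_digest(_tag(record, key), supplied):
        return ["attestation MAC invalid"]
    missing = [f"missing field: {f}" for f in REQUIRED if f not in record]
    if missing:
        return missing
    problems = []
    if record["artifact_sha256"] != _sha256(code):
        problems.append("artifact differs from attested code")
    if record["model"] not in allowed_models:
        problems.append("model not on allow-list: " + record["model"])
    inactive = set(required_guardrails) - set(record["guardrails"])
    if inactive:
        problems.append("guardrails not active: " + ", ".join(sorted(inactive)))
    return problems
```

The gate fails closed: code with no record, an edited record, or bytes changed after attestation is rejected before any model or guardrail policy is evaluated.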

The old “trust but verify” adage needs to be updated

The cybersecurity community has long operated on a simple principle: trust, but verify. In the AI era, that principle needs updating. The new rule is verify continuously.

Models evolve. Training data changes. Safety mechanisms are updated. New jailbreak techniques emerge weekly. An AI system that behaves safely today may behave differently tomorrow.

This is not hypothetical. The current Anthropic controversy reportedly centers in part on concerns that safeguards could be bypassed through jailbreaking techniques. Whether those claims ultimately hold up, the fact that such concerns exist at all highlights the fragility of static trust assumptions. Safeguards therefore cannot be treated as marketing features. They must be operational controls.

Just as organizations continuously scan software for vulnerabilities, they will need continuous monitoring of AI systems. Just as security teams audit access privileges, they will need visibility into model permissions and tool usage. Just as software teams establish quality gates for code, they will need governance gates for AI-generated outputs.

This is where the industry should focus its attention. Not on whether one company won or lost a policy argument. Not on whether one model is more capable than another. Not on whether a particular government action was justified.

The real challenge is building an ecosystem where advanced AI can be deployed responsibly at scale.

How do we prepare for what’s next?

Stronger provenance mechanisms. Better auditability. Continuous monitoring. Transparent safeguards. Independent evaluation. Policy enforcement that exists beyond a model provider’s assurances. These are the only ways in which we can set up teams for better security and success in an AI era (if it remains that).

The Anthropic dispute will eventually be resolved. The export controls may be modified. The models may return. New models will certainly arrive, but the broader question will stay the same.

“In a world where AI increasingly acts on our behalf, trust can no longer be assumed. How do we earn, measure, verify, and continuously maintain it?” That is not a limitation on innovation. It is the foundation that will make innovation sustainable.


Kerry Beetge is from the JetBrains Qodana team – Qodana is a tool that helps teams put safeguards in place to control the quality and security of their code before it reaches production.

Please note: the reports about Anthropic being forced to suspend access to its latest models are very recent and some details remain disputed. Anthropic has challenged aspects of the government’s characterization, while officials have argued the models posed national security risks related to jailbreaks and vulnerability discovery capabilities.