Trump Scraps AI Executive Order on Frontier Model Oversight

AI relevance: The order was drafted in direct response to Anthropic's Claude Mythos demonstrating autonomous vulnerability discovery at unprecedented scale, raising the question of how governments should regulate AI systems that can independently find and exploit zero-days.

What happened

  • On May 22, 2026, Trump abruptly postponed signing an AI executive order only hours before the planned ceremony in the Oval Office (Guardian, Politico).
  • The order would have established a voluntary "clearinghouse" formed by the Treasury Department and multiple agencies to find and patch security vulnerabilities in unreleased frontier AI models before public deployment (CNN).
  • It would have required labs to submit frontier models to government review 90 days before public release (LetsDataScience, Axios).
  • The order's full leaked text directed OMB and CISA to determine within 30 days whether federal grants could fund advanced AI vulnerability detection research.
  • The NSA was reportedly positioned to play a role in voluntary pre-deployment testing of advanced models (Nextgov/FCW).
  • Trump cited US leadership over China as the reason for backing out: "I didn't like certain aspects of it, I postponed it... we're leading China, and I don't want to do anything that's gonna get in the way of that lead" (Guardian).
  • Tech billionaires including Elon Musk, Mark Zuckerberg, and former White House "AI czar" David Sacks personally urged Trump to reverse course in private calls (Washington Post via Guardian).

Why it matters

  • Anthropic's Claude Mythos Preview (announced April 7, 2026) can autonomously discover and exploit zero-day vulnerabilities at scale, at a speed and cost no human team could match (ArmorCode, NBC News).
  • Mythos triggered a geopolitical crisis, with governments from the UK to India to China expressing concern that the model could target financial systems and critical infrastructure (Guardian, Financial Stability Board).
  • OpenAI subsequently announced a cybersecurity AI product (GPT-5.5-Cyber) with similar capabilities, and the pattern of capability diffusion means other firms will follow (Axios, Guardian).
  • The EO's cancellation means that, in the near term, there is no formal US government framework for pre-release assessment of AI models with autonomous offensive capabilities.
  • The Treasury Department's voluntary partnership concept — designed to find vulnerabilities in unreleased models before they reach public hands — has been shelved indefinitely.

What to do

  • Security teams should assume that frontier AI models with autonomous vulnerability discovery capabilities will be available to attackers, not just defenders, within months.
  • Organizations running AI agents should audit their tool-access policies and sandboxing — models that can discover zero-days can also chain them.
  • Monitor for emerging AI-specific CVEs; the current CVE system is not designed to track agent-class vulnerabilities (CSO Online coverage).
  • Follow the UK AISI's Mythos checkpoint analysis for independent assessment of model cyber capabilities.

Sources