Let me tell you about the most impressive magic trick in Silicon Valley right now. Anthropic built an AI model, told everyone it was too dangerous to release, got the US Treasury Secretary to call an emergency meeting about it, landed the cover of Time magazine, and watched its private valuation sail past OpenAI. All in one quarter.

And the kicker? Nobody can verify a single one of its claims about Mythos because Anthropic will not let anyone outside its handpicked group of 40 corporate partners actually test it.

This weekend, both The Guardian and The Observer published devastating analyses of Anthropics PR strategy. The Guardian called it a "bid to win the AI publicity war." The Observer titled its piece "Safety first puts Anthropic ahead in game of AI spin." Dr. Heidy Khlaaf, the chief AI scientist at the AI Now Institute and a former OpenAI safety engineer, did not mince words: Anthropic is using safety as a PR tool to gain public trust before profits get prioritized. She called it the same "bait and switch playbook" that OpenAI used, just with better execution.

The Playbook Is Elegant and It Is Working

Here is what Anthropic did. It announced Mythos with purposefully vague language about "thousands of zero-day vulnerabilities" in major operating systems. It restricted access through Project Glasswing to 40 founding partners that happen to include Apple, Google, Microsoft, Amazon, and JPMorgan Chase. Those are not just security partners. Those are the biggest potential enterprise customers on Earth. Anthropic gave them $100 million in free usage credits and will start charging premium rates after the trial. That is not a safety program. That is an enterprise sales funnel wearing a lab coat.

Jameison OReilly, an expert in offensive cybersecurity, pointed out to The Guardian that the "thousands of zero-day vulnerabilities" claim sounds scarier than it is. In his decade of authorized penetration testing against banks, governments, and critical infrastructure, the number of times he needed a zero-day to achieve his objective was "vanishingly small." Real-world hacking rarely depends on zero-days. It depends on misconfigured systems, weak passwords, and human error. Things that AI models are not uniquely positioned to solve.

The Numbers Tell the Real Story

Anthropic plans to spend roughly $30 billion on training and infrastructure this year. That is about the same as its projected revenue. It is burning cash at a rate that demands constant fundraising. An IPO is expected as early as October at a valuation up to $500 billion. Last week, Anthropic passed OpenAI in private secondary market valuations for the first time. The "too dangerous to release" narrative is not just good PR. It is directly correlated with investor confidence.

Meanwhile at HumanX, one of the biggest AI conferences of the year, CNBC reported something telling: the industry has caught "Claude Mania." Glean CEO Arvind Jain said Claude has "become a religion." Every executive CNBC spoke to named Claude as the one AI tool they would pick if they could only have one. OpenAI no longer dominates the conversation. That shift did not happen because of benchmarks. It happened because of narrative control.

The Uncomfortable Question

Is Anthropic wrong to be cautious? No. The model could genuinely be dangerous. The problem is that nobody outside Anthropic can tell us whether that is true because the company has structured access in a way that prevents independent evaluation. As Khlaaf put it: "It should be our democratic institutions that determine how these models are released and deployed, rather than a private corporation with its own incentives."

There is also the quieter story. Anthropic cannot keep its own servers running. It introduced usage caps on Claude. It blocked third-party tools like OpenClaw from flat-rate plans. The Guardian noted that Anthropic "may simply not have the infrastructure to support the release of a hyped-up new creation." So the safety framing might also be covering a capacity problem.

I will give Anthropic credit for one thing: it is spectacularly good at this. The Time cover. The 10,000-word New Yorker profile. The CBS 60 Minutes segment. The Pentagon drama that somehow made Anthropic the hero. Its media lead, Danielle Ghiglieri, has been posting the victories on LinkedIn like a highlight reel. And it is all working. Anthropic is winning the narrative war.

But here is my take: safety used as marketing is worse than no safety messaging at all. Because it trains the public to associate "we care about safety" with "we are trying to sell you something." And when a genuinely dangerous model comes along, and it will, nobody will believe the warning.