Our Take
The US government is now a de facto gatekeeper for frontier model releases, and OpenAI is complying—marking a decisive pivot from the hands-off stance Trump promised.
Why it matters
This move legitimizes restricted releases as a compliance mechanism, not just a safety theater. Practitioners deploying or building on frontier models should expect government review cycles to become standard friction in your release roadmap.
Do this week
Security and compliance teams: map your model dependencies and document what approval delays would cost you before the next major LLM release hits review.
The restricted rollout
OpenAI will not release GPT-5.6 to the public immediately. Instead, CEO Sam Altman told staff this week that the company would distribute the model only to a select group of partners during a preview period, with the Trump administration approving access "customer by customer" (per The Information). If the limited release succeeds, OpenAI plans a broader public release a "couple of weeks later."
The Office of the National Cyber Director and the Office of Science and Technology Policy requested the slower rollout. OpenAI staff worked closely with both agencies on the release plan.
This mirrors Anthropic's approach with Claude Mythos, its frontier cyber model, which launched exclusively through Project Glasswing to a restricted set of partners. Anthropic argued the model was too powerful to release broadly without risk of misuse.
Federal oversight as release policy
The Trump administration originally positioned itself as taking a hands-off approach to AI regulation. In recent months, that posture reversed. Earlier this month, Trump signed an executive order directing certain AI companies to voluntarily submit new models to the government for testing and evaluation before public release.
What changed: government review is now a standard step in the launch sequence, not a one-time exception. OpenAI is treating it as binding policy, not negotiable guidance.
The specific concern driving the hold is cyber capability. Frontier models trained on code and vulnerability data can identify and exploit software bugs at speeds no human analyst matches. Many enterprise systems contain hidden vulnerabilities that serve as network entry points. A model capable of finding and weaponizing those holes autonomously poses obvious risk to organizations running complex infrastructure.
Since these models remain closed to public testing, the actual threat profile is hard to measure independently. Anthropic's restricted release means no public benchmark exists for how dangerous Mythos really is. Observers remain divided on whether the caution is legitimate security practice or marketing theater.
What this means for your deployment
If your product or service depends on the latest frontier models, expect government approval as a dependency in your roadmap. A "couple of weeks" for OpenAI's preview-to-public window assumes no red flags during customer-by-customer review. Delays are possible.
For security teams, the move signals that frontier cyber models will stay gated. If your threat modeling relied on broad access to these tools for testing, that assumption no longer holds. Your defensive posture cannot assume attackers have the same access you do.
For developers building on smaller or open models, this regulatory pressure on frontier releases may actually expand your addressable market. If restricted access to GPT-5.6 raises friction, teams will accelerate migration to models without government approval dependencies.