OpenAI Just Did the Thing It Criticized Anthropic For

A few weeks ago, OpenAI publicly torched Anthropic for clamping down on its Mythos model, calling the restrictions a drag on innovation and security research. Today, OpenAI announced it’s restricting external access to its own Cyber API. The policy it criticized has become the policy it ships. That’s worth pausing on.

Yesterday’s Criticism, Today’s Policy

The timing is what makes this interesting. When Anthropic put hard guardrails around Mythos’s cybersecurity-adjacent capabilities, OpenAI’s line was that this kind of limitation hurts the broader security research community. It wasn’t a quiet disagreement — it was a public position.

The Cyber API changes OpenAI just rolled out look almost identical in shape. External developer calls move to a review-gated model. Specific cybersecurity scenarios get blocked at the response layer. Strip the logos off the press releases and it’s hard to tell the two policies apart.

The Justification Sounds Familiar

OpenAI’s framing leans on “abuse prevention” and “responsible deployment.” Reasonable words. The problem is they’re the exact same words Anthropic used when it restricted Mythos — the words OpenAI dismissed as overcautious gatekeeping a few weeks back.

The HN and X reaction has been predictable and pointed: when a competitor restricts, it’s censorship; when we restrict, it’s safety. Cybersecurity is a domain where caution is genuinely warranted, no matter who’s shipping the model. But the moment your criticism standard and your own policy standard diverge, the message stops landing.

Who Actually Pays for the Whiplash

Two groups eat the cost when this pattern repeats.

First, security researchers. Legitimate red-teamers, vulnerability analysts, and defensive tooling builders get jerked around every time a major lab updates its terms. Workflows that depend on consistent API behavior don’t survive quarterly policy pivots.

Second, the credibility of AI safety as a concept. When “safety” becomes a marketing posture instead of a technical commitment, the harder regulatory conversations — the ones that actually need labs at the table in good faith — lose oxygen. “They did it too” is not a principle. It’s a permission slip.

The Question Worth Asking

AI labs are going to keep changing policy. The justifications will keep sounding reasonable. What’s worth tracking isn’t the language — it’s the pattern.

Does the standard a company applies to competitors match the one it applies to itself? Is a given restriction actually about safety, or is it about positioning inside a two-horse race for enterprise trust? OpenAI’s Cyber API move might be a sensible call on the merits. It might also be a useful moment to notice how loosely the word “safety” is now being used across the industry. That call is yours to make.