Saw this interesting blog post today about how the NHS is apparently preparing to shut down all Open Source repos in response to models like Mythos posing a security risk. Sad to see this response from the NHS.
Interestingly, the Linux kernel vulnerability I posted the other day was partially identified by AI. I can see why there’s a knee-jerk reaction to close repos, but think it demonstrates a misunderstanding of cyber-security to move ahead with the idea… The code’s already out there; the models have already trained on it. I doubt at this stage that the NHS is going to vastly restructure their enormous codebases from the ground up. You don’t even need source code access necessarily to exploit vulnerabilities – and with this, only NHS devs can contribute to the defence and security of their code.
Seems like a very costly move for very little benefit.
What are your thoughts? Do you think we’ll see more of this sort of thing as frontier models improve?