At China’s May 7 Foreign Ministry press briefing, a reporter asked about a Wall Street Journal report saying that China and the U.S. are considering launching official discussions on AI during next week’s leaders’ summit in Beijing, with U.S. Treasury Secretary Scott Bessent expected to lead the American side. The reporter also asked who would lead the Chinese side.

The Chinese response remained cautious, saying only that there was “no information available at this time.” But the fact that this question was even raised publicly is significant. It marks the first time since the May 2024 U.S.-China intergovernmental AI dialogue in Geneva — still the only one so far — that AI safety and governance have clearly returned to the public bilateral agenda.

And one very important reason for that may be Mythos.

Looking back, many major turning points in the governance of emerging technologies were not driven by years of abstract debate, but by specific events that genuinely shocked governments into action.

The Cuban Missile Crisis and high-yield nuclear tests in the 1950s eventually pushed the world toward the Partial Test Ban Treaty and the Nuclear Non-Proliferation Treaty. The Chernobyl disaster led directly to international nuclear accident reporting and nuclear safety mechanisms.

The internet era followed a similar pattern. Snowden’s PRISM revelations shattered the old U.S.-Europe trust framework around data security and accelerated the rise of “data sovereignty.” The Cambridge Analytica scandal gave the EU enormous political momentum for GDPR. The livestreaming of the Christchurch mosque shooting in New Zealand helped drive the Christchurch Call and later became part of the political backdrop for the EU’s Digital Services Act and stricter platform regulation.

Based on the fragments of information currently available, Mythos may be starting to play a similar role.

According to reports and discussions inside the AI policy world, the model not only appears to have very advanced vulnerability discovery capabilities, but may also be able to rapidly generate workable exploit chains. In other words, it is not just “finding problems”; it is getting dangerously close to automating parts of the cyberattack process itself. To some observers, it effectively turns large parts of the global internet and critical infrastructure into something full of holes. The possibility of scalable AI-driven cyberattacks appears to have alarmed even the U.S. government, which possesses the world’s most sophisticated cyberwarfare capabilities.

Anthropic’s own behavior says a lot. The company has explicitly stated that most vulnerabilities identified by the model are still unpatched or remain inside active disclosure windows, meaning they cannot publicly release many details or open the system like a normal commercial model. Right now, access to Mythos reportedly remains limited to internal researchers, a handful of trusted partners, and carefully vetted security researchers. Increasingly, the way Mythos is being managed looks less like a normal internet product and more like the handling of a high-risk industrial system — or even sensitive military technology.

And it is not just the U.S. getting nervous. Other countries are starting to react as well. Singapore’s Cyber Security Agency recently sent formal notices to all critical information infrastructure operators, asking boards and senior management to reassess the implications of AI-driven cyber threats for existing security systems.

Taken together, Mythos may be significantly elevating the importance of AI safety in the broader U.S.-China relationship.

Back in May 2024, when the two countries held their first intergovernmental AI dialogue in Geneva, the U.S. side focused heavily on concerns about AI misuse, explicitly including the possibility of misuse by China. The Chinese side, meanwhile, focused on criticizing U.S. restrictions and suppression measures targeting China’s AI sector.

According to people familiar with the discussions, many on the U.S. side were not particularly satisfied with that meeting. Some privately complained that the Chinese delegation leaned heavily toward diplomatic and general policy officials, while the discussions themselves did not seriously engage with frontier AI safety risks and governance issues. A few months later, the U.S. organized an AI Safety Institute network meeting in San Francisco without inviting China.

Then Trump returned to office. At first, some people expected the White House might revive the AI safety dialogue mechanism, but in practice the administration remained relatively cold toward it. For most of the past year, the real focus of U.S.-China AI negotiations continued to revolve around more immediate issues such as chip export controls and compute restrictions.

Still, while official dialogue largely stalled, exchanges among think tanks, experts, and companies remained relatively active. Recently, even Bernie Sanders publicly invited Xue Lan from Tsinghua University and Zeng Yi from the Chinese Academy of Sciences to discuss AI safety and U.S.-China AI cooperation.

I’ve been fortunate enough to participate in some of these Track II exchanges myself, and one thing that stands out very clearly is how differently the two sides understand “AI safety.”

On the Chinese side, policymakers and industry people are still focused mainly on practical and already existing issues: U.S. AI chip restrictions, model filing requirements, content compliance, regulation of anthropomorphic AI services, training-data copyright, and similar questions. Many Chinese experts also feel that China has already built a fairly comprehensive AI governance structure involving multiple agencies, sectors, and layers of the industry chain, while the U.S. still lacks even a basic federal AI regulatory framework. From that perspective, some Chinese experts ask: why does the U.S. keep positioning itself as the side leading the conversation on AI safety?

Others in China argue that if the U.S. is truly worried about frontier AI risk, then logically it should first strengthen its own domestic governance rather than continue racing ahead at full speed. Some Chinese observers also believe there is a broader historical pattern in U.S. behavior: when America’s technological lead is limited, it seeks negotiations and guardrails to constrain others; when its lead is overwhelming, it tends to rely more on pressure and restrictions. In that view, the U.S. often tries to prevent others from obtaining a strategic technology once it possesses it itself — or at least slow others down as much as possible.

The American side, meanwhile, is primarily focused on frontier models, catastrophic risks, and the possibility of loss of control over future agents.

U.S. experts usually explain that America is not ignoring practical concerns such as jobs, privacy, or copyright. Rather, they believe frontier models are starting to create entirely new categories of risk that existing legal systems simply were not designed to handle. They seriously discuss questions such as whether models could gradually develop forms of situational awareness, learn to deceive humans, or — once connected to tools, memory systems, and open environments — begin crossing boundaries, autonomously calling resources, performing unexpected actions, or even exhibiting genuine loss-of-control behavior.

Their basic logic is straightforward: these risks cannot wait until after something catastrophic actually happens. If AI truly enters a dangerous phase, governance may come too late. From their perspective, countries should already be building early-warning systems, incident-reporting frameworks, and cross-border information-sharing mechanisms.

Many U.S. experts repeatedly stress another point: catastrophic AI risk has no borders. Even if the first serious incident happens in the United States, its consequences would spread rapidly to China as well. China would not be insulated from it. That is why, in their view, joint U.S.-China work on AI safety research, information sharing, and coordinated risk mitigation is not about one side “conceding” to the other, but about pursuing shared security interests.

When Chinese participants argue that “the U.S. basically has no AI regulation,” American experts usually push back. They point out that while the U.S. still lacks a unified federal AI law, that does not mean there is no regulation at all. California already has state-level frameworks such as SB53, and many existing laws already apply to AI, including FTC consumer protection rules and FCC cybersecurity requirements.

Some U.S. experts have also floated surprisingly concrete ideas for U.S.-China AI cooperation. They argue that the two countries do not necessarily need to share core models or sensitive technical details, but could cooperate on areas such as testing, safety evaluation, standards, risk frameworks, and mitigation principles. Red-teaming, biosecurity assessments, and agent permission management are often mentioned as realistic entry points.

Some proposals go even further. I’ve heard American experts suggest that China and the U.S. should eventually agree to embed some kind of hardcoded “killing switch” into frontier systems, so that if a model truly starts behaving dangerously, humans would still retain the ability to forcibly shut it down.

Personally, I enjoy these discussions, even when the debates become intense. I’ve been genuinely impressed by how deeply some American experts understand Chinese AI policy and industry developments. They are very serious researchers. More importantly, most people involved in these exchanges try to approach each other’s countries in a relatively objective way, minimizing politicization as much as possible. They criticize areas they think the other side handles poorly, but are also willing to acknowledge areas worth learning from. Through deeper conversations, both sides gradually get a clearer sense of each other’s real concerns and practical constraints.

If people start with the assumption that the other side is simply malicious or “evil,” then the discussion quickly drifts away from reality and becomes meaningless. At the end of the day, this is not just about geopolitics, or even personal political preferences. It is about the long-term impact AI could have on the future of humanity itself.

Despite the relatively active Track II exchanges, official U.S. engagement on this issue seemed largely frozen until recently. That changed on April 24, when a U.S. Treasury official told the media that AI would formally appear on the agenda of the upcoming Xi-Trump summit, and that the two sides would discuss possible areas of cooperation and ways to coordinate on AI safety and non-state actor threats.

Then another WSJ report yesterday said the US and China, during the leaders’ summit in Beijing, are to start a recurring set of conversations that could address the risks posed by AI models behaving unexpectedly, autonomous military systems, or attacks by nonstate actors using powerful open-source tools.

In some ways, this feels reminiscent of the Cold War nuclear era. It was precisely because nuclear weapons became genuinely civilization-threatening that the U.S. and Soviet Union were eventually forced to negotiate. Similarly, the capabilities reportedly demonstrated by Mythos — and the possibility that similar systems could eventually be abused by terrorist groups, hackers, or other non-state actors — may now be pushing the U.S. toward seeking AI safety dialogue with China.

Inside the U.S., there also seems to be a growing recognition that China may not be that far behind anymore. Dario Amodei recently told CNBC that China’s frontier AI systems may only be six to twelve months behind Mythos. Former Google CEO Eric Schmidt has said something similar, arguing that while U.S. chip controls initially slowed China down, Chinese firms rapidly adapted through software optimization and workarounds, shrinking the gap to roughly six months.

There is still no fully unified view inside the U.S. on the exact gap between Chinese and American frontier models, but most studies point in the same direction: the gap is narrowing quickly.

Recently, the U.S. Center for AI Standards and Innovation (CAISI, formerly the U.S. AI Safety Institute) reportedly evaluated DeepSeek V4 and concluded that it lags top U.S. frontier models by around eight months.

Stanford HAI’s AI Index 2026 paints an even more aggressive picture. As of March 2026, Anthropic’s top model still ranked first, but the lead over the best Chinese model had shrunk to only around 2.7%. The report also noted that Chinese and U.S. models have repeatedly traded places at the top since 2025, with overall gaps generally remaining in the single digits.

Epoch AI estimates the average Chinese lag at roughly seven months, though with substantial variation depending on the model.

The benchmark data also reflects this convergence. In LMArena blind human evaluations, the gap is now only around 27.7 Elo — roughly the difference between a 90 and a 94. Ordinary users often may not notice much difference. But in expert-level tasks, the gap widens to about 46.3 Elo, closer to the difference between an 85 and a 95. That suggests the two sides are converging rapidly in normal usage scenarios, while U.S. models still retain stronger advantages in extreme reasoning, complex agents, and difficult tasks.

An even more striking benchmark is SWE-bench Verified, which tests real-world software engineering tasks such as debugging and code modification. There, top U.S. models score 79.2% while top Chinese models score 78.8% — a difference of only 0.4 percentage points. In other words, in one of the most commercially valuable areas of AI deployment — real software engineering productivity — the top Chinese and U.S. systems are already approaching parity.

Taken together, these results broadly reinforce what people like Dario Amodei and Eric Schmidt have been saying: the gap between Chinese and American frontier AI may now be measured in months rather than generations.

And that is likely one major reason why the sense of urgency inside Washington appears to be growing. If China reaching Mythos-level capabilities is mainly a matter of time, then AI safety quickly stops being just “America’s problem” and becomes a global issue that, from the U.S. perspective, requires bringing China into the framework as well.

First, if the U.S. really starts imposing pre-deployment review requirements on Mythos-class models, that will inevitably slow the release and deployment cycle of American frontier AI systems. Chinese models would then catch up faster by comparison. From the U.S. point of view, there would therefore be strong pressure to encourage China to adopt similar safety mechanisms as well, so the U.S. is not the only side hitting the brakes.

Second, if the U.S. starts treating Mythos-level systems as “strategic capabilities” requiring anti-proliferation controls, many in Washington likely believe China would also need comparable controls. The concern is no longer just interstate competition, but diffusion to non-state actors. If the U.S. locks these systems down while China does not, terrorist groups, extremist organizations, or transnational criminal networks could simply obtain equivalent capabilities from the Chinese side instead — and vice versa. In that scenario, the entire control regime would collapse.

Third, the U.S. may eventually seek bilateral AI guardrails with China, especially regarding military or high-risk applications. That could include mutual restrictions on using frontier models for cyberwarfare, biological weapons research, or attacks on civilian critical infrastructure — perhaps loosely resembling the Obama-era U.S.-China cyber understandings.

But from the Chinese perspective, observers generally believe there are several major obstacles.

The biggest is still trust. Many Chinese policy analysts argue that if the U.S. simultaneously treats China as a strategic AI rival, frames the competition as zero-sum, and continues tightening hardware and compute restrictions, it becomes difficult for China to fully trust that AI safety cooperation proposals are genuinely about mutual security rather than constraining China’s technological rise.

There are also technical sovereignty concerns. Unlike nuclear weapons verification, frontier AI safety verification depends heavily on access to training datasets, model weights, and underlying code. Some Chinese experts worry that “joint evaluations” or “red-teaming” exercises could become channels for intelligence collection targeting Chinese frontier AI firms and potentially sensitive industrial or government-related data. In that environment, any proposal involving deep “white-box” inspection is likely to be seen as crossing a red line. But purely “black-box” promises, meanwhile, may be viewed as difficult to verify or enforce.

There is also a broader geopolitical concern. Some analysts believe that moving too quickly toward a bilateral U.S.-China AI framework could weaken China’s recent emphasis on multilateral governance through the UN system and broader Global South participation. From Beijing’s perspective, embracing a heavily U.S.-China-centered “G2” governance structure too readily could complicate China’s positioning as a representative voice for developing countries.

Finally, many Chinese observers remain deeply skeptical about the durability of U.S. political commitments. Even if the executive branch genuinely wants AI cooperation, there is concern that any agreement could later be undermined by Congress or by future shifts in American domestic politics. Some Chinese analysts worry that even if China makes real concessions or accepts meaningful constraints, future political changes in Washington could still transform those same arrangements into evidence that China is “non-transparent” or “non-compliant.”