NHS England May Make Public GitHub Repositories Private Over AI Concerns

National Health Service England reportedly plans to make most public code repositories private due to concerns about AI-assisted vulnerability scanning.

NHS England, which oversees the National Health Service in England, is reportedly preparing to make almost all of its open-source repositories private. The reason is concern that advanced AI models could find security vulnerabilities in public code.

The report comes from UK technologist Terence Eden, who in his blog post titled “NHS Goes To War Against Open Source” says multiple people contacted him about the same internal guidance. As of now, however, NHS England has not publicly announced the change.

Eden says the guidance note was sent out on April 29 and sets a ‘private by default’ rule for source-code repositories. The guidance reportedly states that repositories ‘must not be public’ unless there is a clear exceptional need and public access has been formally approved by the Engineering Board.

In addition, Eden argues that the reported guidance conflicts with the UK government’s Technology Code of Practice, which tells public-sector teams to publish code and use open-source software to improve transparency, flexibility, and accountability.

According to him, public repositories are set to become private on May 11, 2026. Teams that need an exemption must request it by the end of May 6. The main reason given is the security risk from AI-assisted code analysis.

The guidance reportedly warns that public repositories can reveal source code, architectural choices, configuration details, and other information that advanced AI models could exploit through analysis of large volumes of code. Eden’s report specifically mentions Anthropic’s Mythos model.

Looking at the public NHS.UK GitHub organization, you can see repositories like nhsuk-frontend, nhsuk-service-manual, nhsuk-prototype-kit-package, nhsapp-frontend, cookie-consent, and accessibility-training. Most of these are related to frontend, design systems, service manuals, prototypes, and accessibility, not sensitive healthcare systems.

Open-source advocates say making code private does not automatically make it more secure, especially if the repositories have already been public and could have been copied or downloaded. They also believe that AI-based vulnerability discovery should lead to better review, hardening, and disclosure processes, not to removing public access to code funded by taxpayers.

At the same time, transparency is another key issue. Public repositories let outside developers, researchers, and users review public-sector software, report issues, reuse parts, and see how digital services are built. Making most repositories private would reduce this visibility and could limit collaboration on shared public-sector tools.

So, for now, NHS England is reportedly moving toward a broad policy of making repositories private by default, with AI-assisted vulnerability scanning as the main concern. The bigger question, however, is whether this approach actually improves security or just reduces open-source transparency in one of the UK’s most important public services.

Bobby Borisov


Bobby, an editor-in-chief at Linuxiac, is a Linux professional with over 20 years of experience. With a strong focus on Linux and open-source software, he has worked as a Senior Linux System Administrator, Software Developer, and DevOps Engineer for small and large multinational companies.
