Claude Mythos Review 2026: Anthropic’s Most Powerful AI Model — Full Breakdown After Official Launch (Project Glasswing, Real Benchmarks & What Comes Next)
Anthropic never planned to announce Claude Mythos this way. On March 26, 2026, a basic configuration error in the company’s content management system accidentally exposed close to 3,000 unpublished internal documents — including a complete draft launch post for a model unlike anything the company had built before. Within hours, Fortune had reviewed the leaked files, cybersecurity stocks were falling, and the AI world was asking the same question: what exactly is Claude Mythos, and why is Anthropic so worried about it?
Two weeks later, on April 7, 2026, Anthropic answered that question officially. Claude Mythos Preview launched. Not publicly. Not through the API. Through a tightly controlled coalition of 12 founding companies and roughly 40 additional vetted organizations — all tasked with using the model to find and fix vulnerabilities in the world’s most critical software, under a program Anthropic calls Project Glasswing. I’ve spent the last month tracking every confirmed detail: the real benchmarks, the confirmed pricing, the actual capabilities, the $100 million coalition, and the honest answer to when — or whether — you’ll ever get access.
This is the most complete Claude Mythos review available as of May 2026. We cover everything from the Capybara tier to Project Glasswing, from the real benchmark numbers to the cybersecurity paradox, from what Claude Opus 4.7 means for the timeline to the honest verdict on whether this model matters for your work right now.
Claude Mythos at a Glance — Updated May 2026
| Detail | Confirmed Status |
|---|---|
| Developer | Anthropic |
| Model Name | Claude Mythos Preview |
| Internal Codename | Capybara (new tier above Opus) |
| Officially Announced | April 7, 2026 (Project Glasswing launch) |
| Training Status | Complete — Preview version available |
| Availability | Gated research preview — Project Glasswing partners only |
| General Public Access | Not planned — no confirmed date |
| Context Window | 1 million tokens |
| Max Output | 128K tokens |
| Knowledge Cutoff | December 2025 |
| Pricing (partners) | $25 / $125 per million input/output tokens |
| SWE-bench Verified | 93.9% — highest ever recorded |
| GPQA Diamond | 94.6% |
| CyberGym | 83.1% |
| Cybench | 100% pass@1 (saturated) |
| Key Risk | “Unprecedented cybersecurity risks” — Anthropic’s own language |
How the Claude Mythos Leak Happened — And Why It Changed Everything
The leak was caused by a simple but consequential misconfiguration. Anthropic’s content management system was set to make uploaded assets publicly accessible by default — unless a team member explicitly changed the privacy setting. No one managing the Mythos launch materials remembered to flip that switch.
Two independent cybersecurity researchers discovered the exposed data store: Roy Paz, senior AI security researcher at LayerX Security, and Alexandre Pauwels, a researcher at the University of Cambridge. They found approximately 3,000 unpublished assets linked to Anthropic’s blog — including draft launch announcements, internal planning documents, and details of an invite-only CEO retreat at an 18th-century English countryside manor that Dario Amodei was scheduled to attend.
Fortune reviewed the materials and notified Anthropic on the evening of March 26. Anthropic restricted access shortly after — but the information was already out. The company officially acknowledged the model, attributing the incident to “human error in the configuration of its content management system.”
The irony was immediate. A company warning in its own leaked documents that its new model poses “unprecedented cybersecurity risks” had exposed those same documents through one of the most basic security failures imaginable. As Futurism noted at the time, Anthropic had leaked its upcoming model with unprecedented cybersecurity risks in the most ironic way possible.
The leak is not just context — it is the primary source of details that Anthropic later confirmed on April 7. Every major claim from the leaked draft held up. The name. The Capybara tier. The cybersecurity dominance. The pricing reality. The refusal to make it public. The leak happened first. The truth followed.
For background on Anthropic’s security posture before this incident, see our earlier coverage of the Claude system prompt leak — a pattern that raises legitimate questions about information security at one of the world’s most consequential AI companies.
What Is the Capybara Tier? The New Claude Model Hierarchy Explained
To understand Claude Mythos, you need to understand where it sits. Anthropic’s model hierarchy has always had three tiers: Haiku at the bottom (fastest, cheapest), Sonnet in the middle (balanced), and Opus at the top (most capable, most expensive). Claude Mythos changes that structure entirely by introducing a fourth tier — Capybara — that sits above Opus.
The leaked draft described Capybara as “a new name for a new tier of model: larger and more intelligent than our Opus models, which were, until now, our most powerful.” That framing turned out to be accurate. As of April 2026, Claude Opus 4.7 is the best model the general public can actually use. Mythos Preview sits in a tier above it that most people cannot touch.
The naming distinction matters. Capybara is the tier name. Mythos is the specific model within that tier — the same way Claude Opus 4.7 is a model within the Opus tier. Future models in the Capybara tier could carry different names. Right now, Mythos Preview is the only one.
| Tier | Current Model | Speed | Capability Level | Pricing (API) | Public Access |
|---|---|---|---|---|---|
| Capybara (NEW) | Claude Mythos Preview | Slower | ⭐⭐⭐⭐⭐ Step-change | $25 / $125 per M tokens | Project Glasswing only |
| Opus | Claude Opus 4.7 | Moderate | ⭐⭐⭐⭐ High | $5 / $25 per M tokens | Yes — public API |
| Sonnet | Claude Sonnet 4.6 | Fast | ⭐⭐⭐ Balanced | Moderate | Yes |
| Haiku | Claude Haiku 4.5 | Fastest | ⭐⭐ Lightweight | Low | Yes |
The jump from Opus to Capybara is not incremental. It is structurally closer to the shift from GPT-3.5 to GPT-4 — a qualitative leap in capability across every benchmark category, not a version number bump. That said, Anthropic was explicit: Opus 4.7, released April 16, is the best model anyone outside Project Glasswing can actually deploy. Build with what you can access.
For a full breakdown of what Claude Opus 4.7 changed from 4.6 — task budgets, xhigh reasoning effort, 3× image resolution, the new tokenizer — see our dedicated Claude Opus 4.7 review.
Claude Mythos Capabilities: Full Review With Real Benchmark Numbers
Anthropic published a 244-page system card for Mythos Preview — the first time the company has ever released documentation this extensive for a model that is not publicly available. The numbers are not estimates. They are confirmed.
1. Cybersecurity — A Category No Other Model Is In
This is where Claude Mythos separates from every other AI model ever released. Let me give you the actual documented results rather than vague capability claims.
Mythos Preview scored 83.1% on CyberGym and achieved 100% pass@1 on Cybench — a benchmark now considered fully saturated because the model solves every problem. In direct comparison, Claude Opus 4.6 scored 66.6% on CyberGym. That 16.5-point gap understates the practical difference. On Firefox exploit writing specifically, Mythos succeeded 181 times. Opus 4.6 succeeded twice.
The autonomous vulnerability discovery results are the ones that moved markets. Mythos found thousands of previously unknown zero-day vulnerabilities across every major operating system and every major browser — fully autonomously. One engineer types a single paragraph. The model reads the code, hypothesizes vulnerabilities, runs the project to test its suspicions, adds debug logic, and outputs a bug report with a proof-of-concept exploit and reproduction steps. The cost of finding a 27-year-old denial-of-service bug in OpenBSD — a system famous for its security record — was $50 in compute. The bugs it found include a 16-year-old flaw in FFmpeg’s H.264 codec and CVE-2026-4747, a 17-year-old remote code execution vulnerability in FreeBSD’s NFS implementation that gives an attacker complete unauthenticated control over the server.
Anthropic’s validation process is rigorous. Human security contractors manually reviewed 198 vulnerability reports before disclosure. In 89% of cases, they agreed exactly with the severity level Mythos assigned. 98% of assessments were within one severity level. This is not a model hallucinating exploits — it is finding real, previously undiscovered vulnerabilities at a rate and depth no human team could replicate.
The dual-use problem is unavoidable. The same capability that finds and patches a 27-year-old OpenBSD bug can be pointed at infrastructure with malicious intent. Anthropic’s own language — “unprecedented cybersecurity risks” — is unusually candid for a tech company describing its own product. For a broader view of how AI agents are reshaping enterprise security right now, see our guide to enterprise AI agent deployment and our breakdown of what AI agents actually are.
2. Software Coding — 93.9% on SWE-bench, the Highest Score Ever Recorded
SWE-bench Verified is the benchmark that matters most for real-world coding capability. It tests models on actual GitHub issues from production software repositories — not toy problems. Claude Mythos Preview scored 93.9%. Claude Opus 4.6 scored 80.8%. GPT-5.5, OpenAI’s strongest public model released April 23, scored 88.7%.
On SWE-bench Pro — the harder version — Mythos scored 77.8%, versus 53.4% for Opus 4.6 and 57.7% for GPT-5.5. On Terminal-Bench 2.0, Mythos reaches 82.0% under standard conditions and 92.1% with extended timeouts, compared to 65.4% for Opus 4.6 (which previously held the top spot).
The practical implication: AI-generated code from Mythos is harder to distinguish from senior engineer output, more architecturally sound, and — given the cybersecurity capabilities — significantly less likely to contain exploitable vulnerabilities. Claude Code has already displaced substantial portions of the traditional software development toolchain through 2026. Mythos integration into Claude Code would be a meaningful acceleration of that trend, not just a marginal improvement. For the current state of AI-powered development environments, our Kilo Code review and best AI coding assistant guide cover what you can actually use today.
3. Complex Reasoning — 94.6% on GPQA Diamond
GPQA Diamond tests graduate-level reasoning across biology, chemistry, and physics — the kind of questions designed to trip up AI models that pattern-match without genuine understanding. Mythos scored 94.6%, compared to 91.3% for Opus 4.6 and 92.8% for GPT-5.5. On Humanity’s Last Exam with tools, Mythos scored 64.7% versus 53.1% for Opus 4.6 — a benchmark designed specifically to resist AI saturation.
The USAMO 2026 results are the most striking. On math proof problems requiring genuine multi-step derivation, Mythos scored 97.6% — a 55-percentage-point jump over Opus 4.6. That is not a model getting marginally better at math. That is a model operating in a qualitatively different range.
The name Mythos comes from the Ancient Greek for “utterance” or “narrative” — chosen, per the leaked draft, to evoke “the deep connective tissue that links together knowledge and ideas.” Whether or not you find that framing compelling, the benchmark numbers support the ambition: this is a model built for synthesis across domains, not isolated task completion.
Claude Mythos vs. Every Major Competitor: Full Benchmark Comparison
| Model | Company | SWE-bench Verified | GPQA Diamond | CyberGym | Context Window | Public Access |
|---|---|---|---|---|---|---|
| Claude Mythos Preview | Anthropic | 93.9% | 94.6% | 83.1% | 1M tokens | Glasswing only |
| GPT-5.5 (“Spud”) | OpenAI | 88.7% | ~93% | N/A | 1M tokens | Yes (API + ChatGPT) |
| Claude Opus 4.7 | Anthropic | ~85% | ~92% | N/A | 1M tokens | Yes — public API |
| Claude Opus 4.6 | Anthropic | 80.8% | 91.3% | 66.6% | 200K tokens | Deprecating |
| Gemini 3.1 Pro | Google DeepMind | ~80% | ~91% | N/A | 1M tokens | Yes (Feb 2026) |
| Grok 4.20 | xAI | ~75% | ~89% | N/A | TBA | Beta |
For a full comparison of every publicly available model, our best AI chatbots guide and best AI tools of 2026 cover the complete landscape. We also have a detailed Gemini 3.1 Pro review and a dedicated MCP vs A2A Protocol breakdown for developers evaluating agentic infrastructure today.
Project Glasswing: The $100 Million Initiative to Patch the World’s Software
Project Glasswing is not just a cautious rollout strategy. It is the most structured defensive AI deployment in history. Anthropic assembled a $100 million coalition — with AWS, Apple, Google, Microsoft, NVIDIA, CrowdStrike, JPMorgan, Cisco, Palo Alto Networks, Broadcom, and the Linux Foundation as founding partners — and pointed Mythos directly at the world’s most critical software infrastructure to find and fix vulnerabilities before adversaries find the same bugs.
The name comes from the glasswing butterfly, whose transparent wings serve as a metaphor for software vulnerabilities: present everywhere, invisible until the right conditions reveal them. The structure works as follows: 12 founding organizations receive direct access. Approximately 40 additional vetted critical-infrastructure operators are on an extended allow-list. Partners scan their systems, fix what Mythos finds, and share learnings with the broader industry. Anthropic has provided $100 million in compute credits to accelerate the program.
Access is concentrated on organizations that “build or maintain critical software infrastructure.” If you are an individual developer, a small business, or a general enterprise, Project Glasswing is not a realistic access path. The Claude for Open Source program is the most likely channel for open-source maintainers. Applications are open at anthropic.com/glasswing, but the bar is deliberately high.
Anthropic has been proactively briefing senior government officials — including White House and Pentagon contacts — about Mythos’s capabilities and the risks of broader availability, per Axios reporting. As of mid-April 2026, no confirmed federal cybersecurity deployment exists, though discussions are ongoing. The partner list skews heavily American, and smaller critical-infrastructure operators in other regions have no clear path to access. Expect the list to expand over the next two quarters, but slowly.
For developers building agentic security workflows today, our overview of WhatsApp AI agents, the WebMCP protocol, and our breakdown of Claude Cowork enterprise features cover practical architectures you can deploy on Opus 4.7 today as a foundation for Mythos-ready systems.
The Cybersecurity Paradox: Why Anthropic Is Genuinely Worried About Its Own Model
The most unusual aspect of the Claude Mythos story is that Anthropic is simultaneously proud of what it built and genuinely concerned about releasing it. The leaked draft described Mythos as posing “unprecedented cybersecurity risks” — language Anthropic confirmed rather than walked back. The April 7 system card is 244 pages long. That is not a company casually shipping a product.
The risk is concrete, not theoretical. Consider what happened before Mythos existed. Anthropic previously disclosed that a Chinese state-sponsored group used Claude Code to infiltrate approximately 30 organizations — tech companies, financial institutions, and government agencies — by pretending to work for legitimate security-testing firms. The company detected and disrupted the operation over ten days. That attack used publicly available Claude Code. Then there was the Mexican government breach, where a single actor used Claude Code and GPT-4.1 to breach nine government agencies, exfiltrating hundreds of millions of citizen records. Claude Code reportedly drove 75% of that operation.
Mythos is described as a massive leap beyond the models used in those attacks. A Dark Reading survey conducted after the leak found that 48% of cybersecurity professionals now rank agentic AI as the number one attack vector for 2026 — above deepfakes and every other threat category. The Hacker News noted that Mythos achieves 30% autonomous network takeover success in testing, forcing security teams to adopt continuous AI-driven monitoring rather than periodic audits.
The market reacted immediately. Palo Alto Networks fell nearly 10% in the week following the March 26 disclosure. The iShares Tech-Software ETF dropped 3% on the day of the leak. Investors are pricing in the possibility that AI-native security tools could erode the value proposition of traditional cybersecurity vendors — a question that remains genuinely unresolved.
Anthropic’s response is methodical: restrict access to defensive organizations, test new cyber safeguards on less capable models first, and require completed safety evaluations under its Responsible Scaling Policy before any broader deployment. Claude Opus 4.7 — released nine days after Mythos Preview — is the first model to include the Glasswing safeguards: automated detection and blocking of requests that indicate prohibited cybersecurity uses, with a Cyber Verification Program for legitimate security professionals. What Anthropic learns from Opus 4.7’s real-world deployment will inform the eventual broader release of Mythos-class models.
Claude Mythos vs. GPT-5.5: The Most Important AI Comparison of 2026
GPT-5.5, codenamed “Spud,” launched on April 23, 2026 — sixteen days after Mythos Preview. It scored 88.7% on SWE-bench Verified with full public availability from day one, available in ChatGPT, Codex CLI, and the standard API. It has a 1-million-token context window, strong agentic workflow support, and genuine improvements over GPT-5.2 in multi-step reasoning.
Here is the honest comparison:
| Factor | Claude Mythos Preview | GPT-5.5 (“Spud”) |
|---|---|---|
| SWE-bench Verified | 93.9% — all-time record | 88.7% — strong, not leading |
| GPQA Diamond | 94.6% | ~93% |
| Cybersecurity | 100% Cybench (saturated), 83.1% CyberGym | No published cyber benchmark |
| Context Window | 1 million tokens | 1 million tokens |
| Pricing | $25 / $125 per M tokens (partners only) | Standard GPT-5 pricing — public |
| Availability | Project Glasswing only — no public access | ChatGPT + full public API |
| Agentic Workflows | “Improved consistency in agent workflows” | Multi-step autonomous task execution |
| Developer Access | Drop-in from Opus 4.7 string — when available | Live now, standard OpenAI API |
The honest answer: Mythos wins on every benchmark where comparison exists. GPT-5.5 wins on the thing that matters most to most people right now: you can actually use it. Benchmarks only matter if access follows. For the vast majority of developers and businesses, GPT-5.5 is the practical frontier model of May 2026. Mythos is a preview of what the frontier looks like a tier higher — with no current timeline for general access.
For our full head-to-head breakdown of Anthropic’s models against OpenAI’s lineup, see our Claude Opus vs GPT vs Gemini comparison and best AI chatbots guide.
Claude Mythos Pricing: Confirmed Numbers and What They Mean
Unlike the March leak — which required analyst estimates — Anthropic confirmed pricing for Project Glasswing partners on April 7. The numbers are not speculative.
| Model | Input (per M tokens) | Output (per M tokens) | vs. Opus 4.7 |
|---|---|---|---|
| Claude Mythos Preview | $25 | $125 | 5× more expensive |
| Claude Opus 4.7 | $5 | $25 | Baseline |
| Claude Sonnet 4.6 | ~$3 | ~$15 | ~40% cheaper than Opus |
| Claude Haiku 4.5 | ~$1 | ~$5 | ~80% cheaper than Opus |
Anthropic provided $100 million in compute credits to Glasswing partners — which means early adopters are not paying the full $25/$125 rate out of pocket yet. Once the credit pool runs out, partner costs move to the listed price. No prompt caching or batch API discounts have been announced for Mythos as of May 2026.
The leaked draft described the model as “very expensive for us to serve, and will be very expensive for our customers to use.” That turned out to be an accurate description: $25/$125 is 5× the cost of Opus 4.7, which is already Anthropic’s most expensive public model. The GPT-4-at-launch precedent is relevant here — frontier model pricing tends to decrease significantly over 12–18 months as efficiency improves. A Mythos-class model at Opus-class pricing in 2027 is plausible. At $125 per million output tokens today, it is priced for specific high-value security and research use cases, not general deployment.
For cost-effective strategies to integrate frontier AI across your business today, our guide to making money with AI and top AI workflow automation tools cover the practical economics of current model tiers.
Claude Mythos Release Date: What We Actually Know in May 2026
Anthropic’s official position: no public release planned. That is not hedging. That is the stated policy as of April 7, 2026. The framing is that Mythos Preview’s cyber capabilities are too powerful for broad availability at this stage, and the company needs to learn from real-world deployment of its Glasswing safeguards — starting with Opus 4.7 — before expanding access.
The Q3 2026 consensus from prediction markets and analysts — which made sense in March when the leak framed a commercial timeline — has been complicated by the Project Glasswing structure. If Anthropic intended a general API release, they would not have built an invitation-only partner program with a $100 million credit pool and a 244-page system card specifically arguing against public access.
The IPO angle is still relevant. Bloomberg and The Information both reported in late March that Anthropic is considering an IPO as early as October 2026, potentially raising up to $60 billion. A Mythos release timed around that event would generate significant market attention. But the Glasswing structure suggests Anthropic is content to demonstrate the model’s capabilities through partner results and public documentation rather than open access. The IPO narrative may be less dependent on general availability than originally assumed.
Realistically: expanded Glasswing partner access in Q3 2026 is likely. General API availability in Q4 2026 is possible but not confirmed. Consumer access on Claude.ai is an open question — Anthropic may choose to keep Mythos-class models exclusively in the API and institutional tiers. If you are planning around Mythos access, plan for Opus 4.7 as your working ceiling through the rest of 2026 and treat any broader Mythos availability as upside, not baseline.
For the latest on how to rank in AI search results — including how to position your content for the Claude search index as these model tiers evolve — see our guide on how to rank in Claude search results.
What Claude Opus 4.7 Tells Us About the Road to Mythos
Claude Opus 4.7 launched April 16, 2026 — nine days after Mythos Preview. It is not a consolation prize. It is a deliberate design decision that tells you exactly where Anthropic is heading.
Anthropic was explicit in the Opus 4.7 launch post: “We stated that we would keep Claude Mythos Preview’s release limited and test new cyber safeguards on less capable models first. Opus 4.7 is the first such model.” The cyber safeguards being tested on Opus 4.7 — automated detection of prohibited security use cases, the Cyber Verification Program for legitimate professionals — are the trial run for what eventually gets deployed on Mythos-class access.
What Opus 4.7 actually delivers: a 1-million-token context window (up from 200K on Opus 4.6), 128K max output, 3× higher image resolution at 2,576px, a new “xhigh” reasoning effort tier between high and max, task budget controls for autonomous agents, and the /ultrareview command in Claude Code for deep multi-agent code review. Pricing unchanged at $5/$25 per million tokens — but a new tokenizer that can produce up to 35% more tokens for the same input, which means real costs can increase even with the same rate card. Test your actual workloads before migrating at scale.
The practical message for developers: Opus 4.7 is the right model to build Mythos-ready architecture on. The API is model-agnostic. The tool-use protocol, computer use, bash execution, and custom tool definitions are all consistent across the Claude family. When — if — Mythos access expands, switching requires one string change in your API call. Build on Opus 4.7 now with that migration in mind.
What Claude Mythos Means for Developers Right Now
For developers building on the Claude API today, the path to Mythos access is through two channels: direct invitation to the Glasswing partner program (applies at anthropic.com/glasswing, eligibility concentrated on critical infrastructure operators) or the Claude for Open Source program for maintainers of widely used open-source projects.
Outside those channels, Opus 4.7 is your working model. It is a genuine upgrade from 4.6 on the workloads that matter most: agentic coding, long-horizon task execution, and vision-heavy workflows. Migrate from Opus 4.6 before June 15, 2026 — Opus 4.6, Sonnet 4, and Opus 4 are all being deprecated on that date.
If your application involves any of the following, you should be tracking Mythos access:
- Automated code review and vulnerability detection at scale
- Security compliance scanning across large codebases
- Complex multi-step reasoning chains in research or legal contexts
- Agentic workflows requiring consistent behavior across long autonomous tasks
- Academic analysis or research synthesis requiring graduate-level accuracy
- Open-source project maintenance — the Claude for Open Source program is a realistic path
For content creators and marketers looking at how frontier AI capabilities affect their toolset, see our guide to best AI tools for content creators and our best AI tools for solopreneurs for what you can deploy today.
What Claude Mythos Means for Businesses and Enterprises
The business implications of Mythos extend well beyond the developer community. The market’s immediate reaction — Palo Alto Networks down nearly 10%, the iShares Tech-Software ETF down 3% — reflects a real structural question: if AI can find and remediate vulnerabilities faster and cheaper than human-staffed security operations centers, what happens to the traditional cybersecurity market?
The answer is not that cybersecurity vendors disappear. It is that their value proposition shifts. Organizations that can integrate Mythos-class AI into their security workflows achieve proactive threat detection that periodic audits cannot match. Organizations that do not are exposed to adversaries who will eventually access comparable capabilities — through Glasswing leaks, state-sponsored development, or the eventual broader release of Mythos-class models.
For software development firms, Claude Code has already displaced significant portions of the traditional development toolchain. Mythos integration would extend that displacement into security-sensitive codebases where vulnerability-free code is a contractual requirement. If you are building AI infrastructure for enterprise customers right now, the Capybara tier changes the capability ceiling you are designing toward. Build for Mythos-ready architecture on Opus 4.7 today rather than treating current capabilities as the long-term ceiling.
For the complete data picture on AI adoption across industries, our comprehensive AI statistics guide is updated regularly. Our enterprise AI agent deployment guide covers the practical infrastructure decisions facing large organizations right now.
The Competitive AI Race: Where Mythos Fits in Q2 2026
Claude Mythos did not emerge in isolation. The same week as the March leak, OpenAI confirmed completion of pretraining on GPT-5.5 (“Spud”), which launched April 23 with full public availability. Google released Gemini 3.1 Pro in February 2026 with a 1-million-token context window and multimodal capabilities across text, images, audio, video, and code. Alibaba shipped Qwen 3.5 with 201-language support and open weights. Moonshot AI released Kimi K2.5 with a swarm mode capable of orchestrating up to 100 sub-agents in parallel. Apple partnered with Google to integrate a 1.2-trillion-parameter Gemini model into iOS 26.
The competitive picture has become more fragmented — and more interesting — than at any point since GPT-4’s launch. Every major lab has a strong model in the 90%+ range on standard benchmarks. The differentiation has shifted to architecture decisions (open vs. closed weights, like best open-source AI models), agentic capability depth, context window economics, and — with Mythos — the willingness to restrict access when capabilities exceed safe deployment thresholds.
Anthropic’s strategy with Mythos is a deliberate attempt to escape the benchmark arms race and stake out a position based on capability leadership and responsible deployment rather than competitive launch dates. Whether that positioning holds depends on whether Project Glasswing produces the kind of documented security impact that justifies the access restrictions — and whether the company can maintain that discipline as IPO pressure intensifies.
For tracking how AI models are being cited and ranked in AI search systems — increasingly important for publishers and content creators — see our guides on GEO ranking techniques and GEO optimization strategies.
Claude Mythos Review: Honest Verdict — May 2026
| Category | Score | Notes |
|---|---|---|
| Raw Capability | ⭐⭐⭐⭐⭐ | 93.9% SWE-bench, 94.6% GPQA Diamond — all-time records |
| Cybersecurity Specifics | ⭐⭐⭐⭐⭐ | 100% Cybench saturation, 27-year-old bugs found at $50/compute |
| Availability | ⭐ | Not publicly available — Glasswing partners only |
| Pricing | ⭐⭐ | $25/$125 per M tokens — 5× Opus 4.7, no batch discounts yet |
| Safety Approach | ⭐⭐⭐⭐ | 244-page system card, structured rollout — but risks are real |
| Developer Readiness | ⭐⭐⭐⭐⭐ | Drop-in API upgrade from Opus 4.7 — when access arrives |
| Business Impact Potential | ⭐⭐⭐⭐⭐ | Category-defining for security and dev tooling |
| Transparency | ⭐⭐⭐⭐ | 244-page card + Glasswing structure is unusually detailed |
Bottom line: Claude Mythos Preview is the most capable AI model ever built by any lab on any benchmark where comparison exists. The benchmark numbers are real, confirmed, and not close. The cybersecurity capabilities are in a different category from any other publicly documented model. The approach — restricting access to give defenders a head start before offensive capabilities become more widely available — is one of the more serious attempts at responsible frontier deployment the AI industry has produced.
The practical reality in May 2026: you cannot use it. The right action is not to wait for Mythos access but to build Mythos-ready architecture on Opus 4.7 today. Migrate from Opus 4.6 before June 15. Apply to Project Glasswing if your organization qualifies. Build your systems model-agnostic — the upgrade cycle is running at roughly two months between Opus versions, and the next one after 4.7 will be another step closer to Mythos-class access for the general market.
When broader access arrives — and it will, eventually — it will not feel like an upgrade. It will feel like moving from a dial-up connection to fiber. The gap between Opus 4.7 and Mythos is that wide.
Frequently Asked Questions
What is Claude Mythos?
Claude Mythos Preview is Anthropic’s most powerful AI model to date, officially announced on April 7, 2026 alongside Project Glasswing. It introduces a new fourth tier in Anthropic’s model hierarchy — called Capybara — sitting above Opus. It holds all-time records on SWE-bench Verified (93.9%), GPQA Diamond (94.6%), and CyberGym (83.1%), and has autonomously discovered thousands of zero-day vulnerabilities across every major operating system and browser. It is not publicly available.
What is Project Glasswing?
Project Glasswing is Anthropic’s $100 million initiative to use Claude Mythos Preview to find and fix vulnerabilities in the world’s most critical software before adversaries can exploit the same bugs. The founding coalition includes AWS, Apple, Google, Microsoft, NVIDIA, CrowdStrike, JPMorgan, Cisco, Palo Alto Networks, Broadcom, and the Linux Foundation. Access is restricted to approximately 52 vetted organizations. The glasswing butterfly — whose transparent wings symbolize hidden vulnerabilities — gives the initiative its name.
When will Claude Mythos be publicly released?
Anthropic has stated it has no plans for a general public release of Mythos Preview. The official reasoning is that the model’s cybersecurity capabilities are too powerful for broad access at this stage. The company is testing safety safeguards on Claude Opus 4.7 first. A potential timeline — expanded enterprise access in late 2026, possible general API access in 2027 — is speculative. Build on Opus 4.7 and treat Mythos public access as uncertain.
How much does Claude Mythos cost?
Confirmed pricing for Project Glasswing partners is $25 per million input tokens and $125 per million output tokens — five times the cost of Claude Opus 4.7 ($5/$25). Anthropic has provided $100 million in compute credits to Glasswing partners. No batch API or prompt caching discounts have been announced. For the general public, pricing is not applicable because the model is not available.
What should developers do now to prepare for Claude Mythos?
Build on Claude Opus 4.7 (released April 16, 2026) — it is the best publicly available model and a direct architectural foundation for Mythos integration. Migrate from Opus 4.6 before June 15, 2026 deprecation. Apply to Project Glasswing at anthropic.com/glasswing if your organization maintains critical software infrastructure. Design your systems model-agnostic so you can swap the API model string without architecture changes when access expands.
How does Claude Mythos compare to GPT-5.5?
Claude Mythos Preview leads GPT-5.5 on every published benchmark: 93.9% vs 88.7% on SWE-bench Verified, 94.6% vs ~93% on GPQA Diamond, and category-leading cybersecurity benchmarks with no GPT-5.5 equivalent. GPT-5.5 has one decisive advantage: it is publicly available today. For most developers and businesses, GPT-5.5 or Claude Opus 4.7 are the practical frontier models of May 2026.
What is the Capybara tier in Claude’s model family?
Capybara is the new fourth tier in Anthropic’s model hierarchy, sitting above Opus. The tier name is Capybara; Claude Mythos is the specific model within that tier. It is analogous to how Claude Opus 4.7 is a model within the Opus tier. The Capybara tier is described as ‘larger and more intelligent than our Opus models, which were, until now, our most powerful.’
What zero-day vulnerabilities did Claude Mythos find?
Documented finds include a 27-year-old denial-of-service vulnerability in OpenBSD’s TCP SACK implementation (found at approximately $50 in compute cost), a 16-year-old flaw in FFmpeg’s H.264 codec, and CVE-2026-4747 — a 17-year-old remote code execution vulnerability in FreeBSD’s NFS implementation that gives unauthenticated attackers complete server control. Mythos has produced thousands of additional vulnerability reports across every major OS and browser, with human contractors validating severity in 89% of manually reviewed cases.
Can I use Claude Mythos through Amazon Bedrock or Google Vertex AI?
Yes — but only if your organization has been allow-listed for Project Glasswing. Claude Mythos Preview is technically available through Amazon Bedrock (model ID: anthropic.claude-mythos-preview, US East N. Virginia region) and Google Cloud Vertex AI. Access requires prior approval. If your organization has been allow-listed, your AWS account team or Google Cloud contact will reach out directly. There is no self-serve path to access.
What is Claude Opus 4.7 and how does it relate to Mythos?
Claude Opus 4.7 was released April 16, 2026 — nine days after Mythos Preview. It is Anthropic’s most powerful publicly available model: $5/$25 per million tokens, 1M context window, 128K max output, 3× image resolution, new xhigh reasoning effort level, and task budget controls. Anthropic explicitly positions it as the test vehicle for the safety safeguards they plan to eventually deploy on Mythos-class models. Migrate from Opus 4.6 before June 15, 2026.
Is Claude Mythos available on Claude.ai?
No. Claude Mythos Preview is not available on Claude.ai for consumer users, Pro subscribers, or any paid Claude.ai plan as of May 2026. Access is restricted to Project Glasswing partners accessing the model through the Claude API, Amazon Bedrock, Google Vertex AI, or Microsoft Foundry under invitation-only conditions. Claude.ai consumer access, if it ever happens, would come significantly later than API partner access.
What does Project Glasswing mean for cybersecurity professionals?
If you work in cybersecurity defense — particularly at organizations that build or maintain critical infrastructure — you should apply to Project Glasswing at anthropic.com/glasswing. Eligibility is concentrated on critical infrastructure operators. For individual security professionals, Anthropic launched a Cyber Verification Program alongside Opus 4.7 that provides verified access to Opus 4.7 for legitimate vulnerability research, penetration testing, and red-teaming — the closest current alternative to Mythos-class cyber capabilities.
Sources: Anthropic official — Claude Opus 4.7 launch, Anthropic red team blog — Mythos Preview technical details, Amazon Bedrock — Claude Mythos Preview announcement, Google Cloud — Vertex AI Mythos Preview, Fortune — original leak report, Axios — government briefings, Yahoo Finance — market reaction, LLM Stats — confirmed benchmarks and pricing, Pluralsight — Mythos analysis, The AI Corner — Glasswing deep dive, Lushbinary — Mythos vs GPT-5.5, AWS Bedrock model card, Anthropic API docs — Opus 4.7, Wikipedia — Claude model history. Page last updated May 6, 2026.
