Claude Mythos: What We Know, What We Don't, and Why the Harness Still Matters
Anthropic’s next model leaked before they were ready to announce it. Here’s what’s actually confirmed and what’s still speculation.
How We Got Here
On March 26, security researchers discovered a misconfigured data store on Anthropic’s infrastructure that exposed roughly 3,000 internal files. Among them: a draft blog post describing a model called “Claude Mythos” with a new tier codenamed “Capybara” sitting above Opus.
Five days later, Anthropic accidentally shipped Claude Code v2.1.88 to npm with a 59.8 MB source map containing the full TypeScript source. That confirmed the Mythos references. Two security lapses in one week.
The timing near April 1 caused massive confusion. Lead Stories confirmed it was not a prank. Anthropic issued DMCA takedowns against repos that forked the code.
What Anthropic Actually Confirmed
An Anthropic spokesperson told Fortune: “We’re developing a general purpose model with meaningful advances in reasoning, coding, and cybersecurity.” They called it “a step change” and “the most capable we’ve built to date.”
That’s the official statement. Everything else comes from leaked internal documents.
What the Leaked Docs Claim
According to the draft blog post that was never meant to be published:
- 10 trillion parameters. If accurate, the largest known model.
- New “Capybara” tier above Opus, making the lineup: Haiku, Sonnet, Opus, Capybara.
- 93.9% on SWE-bench Verified - a double-digit lead over Opus 4.6.
- “Dramatically” better coding performance across complex, interconnected codebases.
- Recursive self-correction without intermediate human input.
- Cybersecurity capabilities described as “currently far ahead of any other AI model.” Found thousands of zero-day vulnerabilities including a 27-year-old OpenBSD bug.
I can’t verify any of these numbers independently. They come from internal documents Anthropic didn’t choose to release.
Project Glasswing
The cybersecurity angle is getting the most mainstream press. Axios reported that Mythos is being tested through “Project Glasswing,” a defensive cybersecurity initiative with AWS, Apple, Cisco, CrowdStrike, Google, JPMorganChase, Microsoft, and Nvidia.
The model is NOT available to the public. It’s restricted to this consortium for defensive security research. Estimated public access: Q3 2026, possibly timed with Anthropic’s reported IPO.
Pricing Speculation
Nothing official. Based on current Opus 4.6 pricing ($5/$25 per M tokens), analysts estimate 2-3x: roughly $30-45 per M input, $150-225 per M output. That’s expensive enough that context management and token efficiency matter even more.
What This Means for Agentic Coding
Here’s my take: a better model raises the ceiling. It does not change the process.
If Mythos delivers on the SWE-bench claims, every tool that uses Claude as a backbone (Claude Code, Cursor, Augment) gets a capability bump. Code generation quality improves. Reasoning over complex codebases improves. That’s genuinely exciting.
But the lessons from the last year still apply. The harness matters more than the model. On SWE-bench Verified, the same model swings nearly 5 points depending on the scaffold wrapping it. A 93.9% model with a bad harness will still produce unmaintainable code. A good harness with Opus 4.6 already ships production software.
The teams that invested in specs, architecture, verification, and harness engineering won’t need to change anything when Mythos ships. Their harnesses will just produce better output. That’s the whole point.