Can developers access Claude Mythos?

Individual developers cannot access Claude Mythos. It is invitation-only through Project Glasswing, limited to 12 partner organizations including Amazon, Apple, Microsoft, Cisco, and the Linux Foundation, plus around 40 additional organizations. There is no self-serve signup or public API access.

How does Claude Mythos compare to Opus 4.6?

Mythos scores 93.9% on SWE-bench Verified versus Opus 4.6's 80.8%, and 77.8% on SWE-bench Pro versus 53.4%. It also hits 82% on Terminal-Bench 2.0 and 100% on Cybench. For most routine coding work, the gap is less noticeable than the benchmarks suggest.

How much does Claude Mythos cost?

For Project Glasswing partners, Claude Mythos Preview is priced at $25 per million input tokens and $125 per million output tokens. That's significantly more expensive than Opus 4.6. There is no public pricing because the model is not available to individual developers or businesses outside the program.

Why won't Anthropic release Claude Mythos publicly?

Anthropic halted the broader release because Mythos is too capable at finding high-severity vulnerabilities in operating systems and browsers. In testing, it found thousands of zero-days, including a 27-year-old OpenBSD bug. Anthropic decided the offensive security risk was too high for unrestricted access.

When will Claude Mythos be available to the public?

Anthropic has not committed to a public release date. Based on past Claude models, a reduced-capability version may become generally available later in 2026. For now, developers should focus on getting the most value from Opus 4.6 and Sonnet 4.6 through Claude Code and the API.

Should I switch from Opus 4.6 to Claude Mythos?

You can't. Claude Mythos is not available for general use. Even for partners who have access, the significantly higher pricing ($25/$125 per million tokens) makes Opus 4.6 the better choice for routine development tasks. Stick with Opus 4.6 and watch for Anthropic's next public model release.

AI DEVELOPMENT

Claude Mythos: What It Means for Developers Who Can't Use It

Q: What is Claude Mythos?

Claude Mythos Preview is a frontier AI model Anthropic announced on April 7, 2026. It outperforms Opus 4.6 on coding and cybersecurity benchmarks and can find zero-day vulnerabilities in major software. Anthropic restricted its release to 12 Project Glasswing partners instead of making it generally available.

Q: What is Project Glasswing?

Project Glasswing is Anthropic's initiative to deploy Claude Mythos for defensive security work. Twelve partners including Amazon, Apple, Broadcom, Cisco, CrowdStrike, the Linux Foundation, Microsoft, and Palo Alto Networks use the model to find and fix vulnerabilities in critical software before attackers do.

Anthropic announced Claude Mythos Preview on April 7, 2026 - a frontier model so capable at finding software vulnerabilities that Anthropic restricted it to 12 Project Glasswing partners. Most developers can't use it. Here's what the benchmarks, pricing, and locked-down access actually mean for the rest of us working with Opus 4.6 today.

April 9, 2026•

11 min read•

AI, Security, Anthropic

Claude MythosAnthropicProject GlasswingAI SecurityOpus 4.6

TL;DR

Claude Mythos Preview launched April 7, 2026 - invitation-only through Project Glasswing
Benchmarks: SWE-bench Verified 93.9% (Opus 4.6: 80.8%), Cybench 100%, Terminal-Bench 2.0 82%
Not available to individual developers - 12 partners include Amazon, Apple, Microsoft, Cisco, and the Linux Foundation
For partners: $25/M input, $125/M output tokens - that's premium frontier pricing
What to do right now: keep using Opus 4.6, rethink your security posture, watch for the next public release

Table of Contents

What Is Claude Mythos Preview?
Why You Can't Use Claude Mythos (Yet)
Claude Mythos vs Opus 4.6 Benchmarks
What Project Glasswing Means for Security
What Developers Should Do Right Now
Will Claude Mythos Ever Be Publicly Released?
Frequently Asked Questions

What Is Claude Mythos Preview?

Claude Mythos Preview is a new frontier model from Anthropic, announced on April 7, 2026 on the company's red team page. Anthropic describes it as "a general-purpose frontier model whose coding and reasoning capabilities have crossed a threshold where it can surpass all but the most skilled humans at finding and exploiting software vulnerabilities." That's a striking phrase, and it's not marketing copy.

During internal testing, Mythos found thousands of zero-day vulnerabilities across every major operating system and web browser. It discovered a 27-year-old remote crash bug in OpenBSD and a 16-year-old bug in FFmpeg. In Firefox vulnerability experiments, Mythos developed 181 working exploits compared to Opus 4.6's 2 successful attempts out of several hundred tries.

Those numbers matter. They're why Anthropic decided to restrict access instead of shipping Mythos as their next flagship. The company launched Project Glasswing alongside the model, pairing it with 12 organizations that will use it to secure critical software before the capability becomes more widely available.

The Real Story

Most AI model launches are about benchmarks and pricing. This one is about capability gating. For the first time, a major AI lab decided a model was too offensively capable to ship publicly. That's the news - not the SWE-bench score.

Why You Can't Use Claude Mythos (Yet)

Claude Mythos Preview is not in general availability. There is no self-serve signup. You can't get access through the Claude API, Amazon Bedrock, Google Cloud Vertex AI, or Microsoft Foundry unless your organization is part of Project Glasswing. This is a first for Anthropic and a meaningful shift in how frontier models get released.

The 12 initial Project Glasswing partners are heavy hitters: Amazon, Apple, Broadcom, Cisco, CrowdStrike, the Linux Foundation, Microsoft, and Palo Alto Networks, along with a few others. According to TechCrunch's coverage, about 40 additional organizations are getting preview access for defensive security work. That's it. No individual developers, no small businesses, no "sign up for the waitlist" page.

Anthropic's reasoning comes down to risk calculus. If Mythos can find a 27-year-old OpenBSD bug in a few hours of testing, what happens when someone points it at a bank's transaction processing code with bad intent? The company decided that giving 12 trusted partners a head start on finding and patching those vulnerabilities was safer than shipping the capability to anyone with a credit card.

I've been following Anthropic's Responsible Scaling Policy for a while, and this is the first time I've seen it translate into an actual product decision at this scale. It's worth taking seriously even if you're frustrated by the access restrictions.

Claude Mythos vs Opus 4.6 Benchmarks

Here's where the capability gap becomes concrete. Mythos posts double-digit improvements over Opus 4.6 on almost every published benchmark, with the biggest jumps in cybersecurity and competition math. The numbers come from Anthropic's published system card.

Benchmark	Mythos Preview	Opus 4.6	Delta
SWE-bench Verified	93.9%	80.8%	+13.1
SWE-bench Pro	77.8%	53.4%	+24.4
USAMO 2026	97.6%	42.3%	+55.3
Terminal-Bench 2.0	82.0%	65.4%	+16.6
CyberGym	83.1%	66.6%	+16.5
Humanity's Last Exam (w/ tools)	64.7%	53.1%	+11.6
OSWorld	79.6%	72.7%	+6.9
Cybench (CTF challenges)	100%	-	Solved all 35

A few things stand out. The 55-point jump on USAMO 2026 is enormous - that's a competition math benchmark where Opus 4.6 sits in the middle of the pack and Mythos essentially solves the problem. The SWE-bench Pro improvement (+24.4 points) suggests Mythos handles harder, multi-file engineering tasks much more reliably than anything before it.

But here's the honest take: if you're writing CRUD endpoints, debugging Jenkins pipelines, or refactoring a React component, the gap between Mythos and Opus 4.6 is smaller than these numbers suggest. I've been using Opus 4.6 through Claude Code for daily work, and it handles 95% of what I throw at it. Mythos is built for the hard 5% - the security-critical code paths, the mathematical proofs, the multi-system refactors that require holding a lot of state in working memory.

According to LLM Stats' analysis, Mythos outperforms both Google Gemini 3.1 Pro and GPT 5.4 on most published benchmarks. That matters competitively, but it doesn't change the calculus for you personally if you can't get access.

What Project Glasswing Means for Security

Project Glasswing is the real product here. Anthropic paired the Mythos Preview with a coordinated defensive security initiative. 12 partner organizations scan critical software for vulnerabilities using the model, then work with maintainers to patch issues before disclosure. It's a structured program, not an open tool.

Think about what this means over the next 12 to 24 months. Major operating systems, browsers, network appliances, and open-source libraries are about to get scanned by an AI that finds decades-old bugs in hours. The Linux Foundation being in the partner list matters a lot - it suggests coordinated vulnerability discovery across the open source ecosystem, not just proprietary code.

The flip side is the arms race. Anthropic is explicit that they think the offensive version of this capability will eventually leak out, either through competitors, through open weights models like Gemma 4 catching up, or through jailbreaks. The head start they're giving defenders through Glasswing is meant to shift the balance before that happens. Whether it works is an open question.

If you're building anything that depends on the security of widely-used libraries, the next year is going to reshape your threat model. A lot of bugs that have been dormant for decades are about to get reported. That's good news if you're on top of patching, and bad news if you run unmaintained dependencies.

What Developers Should Do Right Now

Stop waiting for Mythos. You're not getting access any time soon, and even if you did, the pricing would make it impractical for routine work. Here's the practical playbook I'm following instead.

Get more value from Opus 4.6

Opus 4.6 is still the best model most developers can actually use. It scores 80.8% on SWE-bench Verified, which is strong enough for nearly all real work. Invest in better CLAUDE.md files, custom commands, and MCP integrations instead of hoping the next model bails you out. My CLAUDE.md guide covers the setup that moves the needle most.

Harden your code assuming AI scanners will find bugs

Within a year, tools built on top of Mythos-class models will scan your code automatically, either inside your company or from outside. Adopt the boring security basics now: input validation, parameterized queries, dependency audits, secrets management, SAST in CI. The bugs that have been hiding in your codebase for years are about to get noticed.

Audit your dependencies more aggressively

The Linux Foundation being part of Glasswing means open source libraries are getting scanned. Expect a flood of CVEs over the next year. Set up automated dependency updates, use lockfiles, and pay attention to security advisories for your stack. Tools like Dependabot and Renovate aren't optional anymore.

Watch for the next public release

Anthropic is likely to ship a reduced-capability version of Mythos or a successor later in 2026. Keep your Claude Code setup clean and your workflows portable so you can test new models quickly when they land. The payoff will come from being ready, not from being first.

For reference, here's what calling Opus 4.6 through the Claude API looks like if you want to benchmark your own workflow before a new model ships. Same code path will work when Mythos or its successor eventually becomes public.

pythonclaude_call.py

import anthropic

client = anthropic.Anthropic()

message = client.messages.create(
    model="claude-opus-4-6",
    max_tokens=4096,
    messages=[
        {"role": "user", "content": "Review this Python function for security issues."}
    ]
)

print(message.content[0].text)

Will Claude Mythos Ever Be Publicly Released?

Anthropic hasn't committed to a public release date. Based on how the company has handled capability gating in the past, I expect one of two paths. Either a reduced-capability version ships later this year with the hardest security-offensive capabilities removed, or a successor model ships under a different name with similar coding improvements but fewer exploitation capabilities.

The pricing hints at the second path. $25 per million input tokens and $125 per million output tokens is premium frontier pricing, not mass-market pricing. That feels like a signal Mythos Preview is meant to stay small and targeted while the next flagship gets prepared separately. For context, LLM Stats notes that this is substantially more expensive than current Opus 4.6 pricing.

What to watch for over the next few months: a Sonnet 4.7 or Opus 5 announcement, new capability evaluations in Anthropic's Responsible Scaling framework, and any changes to Project Glasswing's scope. If Anthropic expands Glasswing to more partners, that's a sign they're comfortable with the deployment model. If they quietly wind it down, something else is coming.

Frequently Asked Questions

Get the Most from Opus 4.6 While You Wait

You can't use Mythos, but you can squeeze a lot more out of the models you do have access to. Start with a solid CLAUDE.md setup and build your workflows around Claude Code.

Read the CLAUDE.md Guide

Anthropic's Mythos Page