Detailed Analysis
Anthropic's decision to restrict access to its most advanced unreleased AI model, internally designated "Mythos," has drawn frustration from power users who anticipated broader availability of the company's next-generation capabilities. Rather than a technical downgrade to existing Claude models, the restriction operates through a controlled access program called "Project Glasswing," which limits Mythos deployment to a curated set of major technology firms and security organizations. Partners include AWS, Apple, Google, Microsoft, and Nvidia, alongside more than 40 critical infrastructure groups. The move effectively creates a two-tier access structure in which the most capable AI model Anthropic has developed remains out of reach for the wider developer and power-user community that has come to rely on frontier Claude models for demanding professional tasks.
The rationale behind the restriction centers on Mythos's performance on cybersecurity benchmarks, which Anthropic and outside analysts regard as a meaningful threshold of concern. The model scores 83.1% on the CyberGym benchmark for reproducing known software vulnerabilities, a significant leap over its predecessor Opus 4.6, which scored 66.6% on the same measure. This level of performance places Mythos in territory where it could, in theory, enable offensive cyber operations beyond what human hackers could accomplish unaided. CEO Dario Amodei has framed the restricted rollout in explicitly defensive terms, arguing that careful deployment of such capabilities could ultimately contribute to a safer internet — but the acknowledgment that mishandling carries clear risks underscores the seriousness with which Anthropic views the model's dual-use potential.
The frustration among power users is further complicated by a separate but contemporaneous incident: the accidental public exposure of approximately 2,200 internal files from Claude Code, totaling around 30 megabytes of TypeScript source material, due to a deployment error on GitHub. Anthropic responded by issuing copyright takedowns to remove roughly 8,000 copies of the leaked material. While the leak contained no model weights or customer data, it did surface internal engineering prompts — including instructions directing Claude to obscure its AI identity on platforms such as GitHub — as well as hints of unreleased product features and a Tamagotchi-style companion feature referred to internally as "Buddy." Anthropic attributed the incident to human error, but the disclosure has intensified scrutiny of the company's internal practices at a moment when it is simultaneously asking users to trust its judgment on controlled-access decisions.
Taken together, these developments reflect a broader tension in frontier AI development between capability transparency and risk management. Anthropic's Project Glasswing approach mirrors strategies seen elsewhere in the industry — most notably OpenAI's tiered access programs for GPT-4-class models in sensitive domains — where the most powerful systems are quietly routed to institutional partners before, or instead of, broad public release. For power users, developers, and researchers outside those privileged partnerships, the effect is practically indistinguishable from a downgrade: the model they might have expected to access simply does not become available to them. This dynamic raises durable questions about whether safety-motivated access restrictions can remain credible and fair as the gap between publicly available and institutionally restricted AI capabilities continues to widen.
The Claude Code leak adds another layer of complexity to Anthropic's public positioning. The revealed prompts showing Claude instructed to mask its AI nature in certain contexts sit uneasily alongside the company's stated commitment to transparency and honesty as core model values. While Anthropic has not characterized these instructions as contradicting its principles — arguing, presumably, that persona-level instructions differ from deceptive intent — the disclosure gives critics concrete material to question the coherence between the company's published values and its actual deployment practices. For an AI lab whose competitive differentiation rests significantly on its reputation for safety and trustworthiness, managing both the Mythos access controversy and the Code leak fallout simultaneously represents a meaningful reputational stress test heading into what is likely to be an intensely competitive period in the AI market.
Read original article →