The most powerful AI agent ever built was announced to the world on April 7, 2026. Anthropic called it Claude Mythos Preview. Then, in the same breath, they said you can’t have it. That decision — and the reasoning behind it — tells you everything you need to know about where AI is headed, and what it means to responsibly build and deploy a synthetic workforce in 2026.
Claude Mythos Preview isn’t an incremental update. It’s a step change. The benchmarks alone are staggering: 93.9% on SWE-bench Verified (the standard for real-world software engineering tasks), 97.6% on the USA Mathematical Olympiad — a competition designed for the most elite high school mathematicians on earth. For context, Anthropic’s previous flagship, Claude Opus 4.6, scored 42.3% on that same test. GPT-5.4, OpenAI’s current best, scored 95.2%. Mythos surpassed them all. On Terminal-Bench 2.1 — a test of autonomous, multi-step terminal operations run over a four-hour window — Mythos scored 92.1%. On OSWorld, which measures an agent’s ability to navigate real operating systems, manage files, and use applications: 79.6%. These aren’t chatbot metrics. They’re measures of what an autonomous agent can accomplish on its own, over time, across complex real-world environments. This is the capability profile of a synthetic workforce member — not an assistant that answers questions, but a worker that executes tasks end-to-end with minimal human direction.
Anthropic’s decision not to release Mythos publicly came down to one capability domain: cybersecurity. During internal testing, the model autonomously identified thousands of previously unknown (zero-day) vulnerabilities across every major operating system and every major web browser. It found a 27-year-old flaw in OpenBSD — one of the most security-hardened systems in the world. It found a 16-year-old vulnerability in FFmpeg. It didn’t just find these bugs. It developed working exploits for them, chaining multiple weaknesses together into full attack sequences that would take elite human security researchers weeks to replicate. The previous best model, Opus 4.6, had a near-0% success rate at autonomous exploit development. Mythos does it routinely. That gap — from near-zero to autonomous zero-day exploitation — happened in a single model generation. Engineers at Anthropic with no formal security training were able to ask Mythos to find vulnerabilities overnight and wake up to a complete, working exploit. The barrier to sophisticated cyberattack just collapsed. That’s why Anthropic went to the government first.
Rather than shelving Mythos or releasing it broadly, Anthropic launched Project Glasswing — a controlled, invite-only initiative granting access to the model exclusively for defensive security work. Partners include Amazon Web Services, Apple, Google, Microsoft, NVIDIA, JPMorganChase, Cisco, CrowdStrike, and the Linux Foundation, along with more than 40 additional organizations that build or maintain critical software infrastructure. Anthropic backed the initiative with $100 million in usage credits. The framing is significant. Project Glasswing isn’t a beta program. It’s the first large-scale deployment of a frontier AI agent as a strategic defensive asset — a coordinated synthetic workforce deployed at the infrastructure layer of the global economy, with a defined mission, scoped access, and deliberate governance. Think about what that model looks like: a fleet of autonomous agents, each hunting vulnerabilities in their own organization’s systems, sharing findings, patching before adversaries can exploit. No single human could coordinate that at this speed or scale. But a governed synthetic workforce can. That’s the future of how serious, high-stakes work gets done.
More Insights
