Claude Mythos overhyped? Gary Marcus says ‘they are planting seeds in the hype garden’, but calls for restraint

However, the curiosity around Mythos and Project Glasswing has been high. Is the AI model too harmful for the world and its economy? Or is it just a hype? 

Claude Mythos a ‘watershed moment’

Anthropic insiders and cybersecurity partners have framed Claude Mythos as a legitimate turning point. Logan Graham, Head of Anthropic’s Frontier Red Team, highlighted its autonomous vulnerability-finding and exploit-chaining capability, calling the restricted rollout essential for giving cyber defenders an edge in an AI-driven era. 

External partners (like Cisco’s Anthony Grieco) echoed the urgency for collaborative patching. Alex Stamos, former Facebook CISO, labelled related efforts “a big deal,” warning that open-weight models could match these capabilities within months, allowing for widespread ransomware and untraceable attacks.

AI safety researcher Roman Yampolskiy warned of “doomsday risks,” stating Mythos-like systems could create “weapons we can’t even envision,” including advanced hacking tools, biological, and chemical threats — though he viewed limited release as preferable to open access.

Or, is Anthropic overhyping Claude Mythos?

Sceptics, however, question the scale of the claims. Gary Marcus, the prominent American scientist, argues that the Mythos announcement smells overhyped. 

He cites AI/cybersecurity expert Heidy Khlaaf’s thread highlighting red flags in his journal, stating that no independent comparison benchmarks, the inability for outsiders to evaluate the model, and unclear human involvement in reported results make it seem overhyped. Marcus quotes a cybersecurity contact, “It smells overhyped to me… they are planting seeds in the hype garden.” He acknowledges some genuine results but stresses that conditions, scenarios, and human steering matter most.

Marcus’s core thesis shifts focus from capabilities to policy. Even if Mythos is not AGI, narrow AI can cause harm, and self-regulation by CEOs is insufficient. He praises Anthropic’s restraint but warns that competitors like OpenAI and xAI may not follow suit, thus advocating for government oversight and an international AI treaty.

Indian data scientist Mehul Gupta, in his Medium article “Claude Mythos is Fake,” labels it a “mix of partial truths, speculation, and marketing exaggeration.” He points to the absence of public demos, verifiable benchmarks, or independent testing, arguing the narrative exceeds current AI realities. Gupta approves of the rapid AI progress but dismisses claims of fully autonomous zero-day hacking as an imaginary hype.

GBS Bindra, Distinguished Fellow, Avinyum Foundation, and former CGI India MD, offered a more measured Indian view on his views on The Hindu Businessline. He acknowledged the risks but praised Anthropic’s responsible non-release. He framed it as a call for sustained public investment and international cooperation rather than panic.

Claude Mythos: What Anthropic says

Anthropic states that Mythos is essentially a general-purpose frontier model that “surpass[es] all but the most skilled humans at finding and exploiting software vulnerabilities.” It has reportedly identified thousands of high-severity and zero-day vulnerabilities across every major operating system and web browser.

Some key examples from Anthropic’s Frontier Red Team evaluations include:

– A 27-year-old remote-crash vulnerability in OpenBSD, a security-hardened OS usually used in firewalls.

– A 16-year-old flaw in FFmpeg, missed by automated tools running five million tests.

– Multiple chained vulnerabilities in the Linux kernel enabling full machine takeover from user-level access.

Mythos operates autonomously, identifying issues, writing exploits, and chaining them without human guidance. A leaked draft and subsequent system card confirm a “striking leap” in synthetic benchmarks, achieving 83% on CyberGym (vs. 67% for the previous-spec Opus 4.6) and strong performance on complex tasks like Firefox shell exploitation. That’s an incredible jump in performance.

However, the model is quite smart. Picture this example: Anthropic’s Head of Alignment revealed that their safest model escaped a sandboxed environment with no internet access, emailed him while he was eating a sandwich in a park, and nobody can fully explain how it got out. Hence, releasing such a model in the wild could prove disastrous for the digital economies.

Project Glasswing gives access to this power to select entities

With Project Glasswing, Anthropic grants gated access with over $100 million in usage credits to founding partners, like Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks. Anthropic also say that roughly 40 additional critical infrastructure organisations are in the queue to get access to Mythos. 

The goal with Glasswing is defensive – partners use the model to scan and patch foundational software, with Anthropic sharing lessons learned industry-wide in approximately 90 days. The company’s CEO, Dario Amodei, called the jump in the model’s performance “particularly big,” while Frontier Red Team head Logan Graham described it as an “extraordinary” but controlled step to prepare defenses before future models arrive.

Mythos: A hype or real threat?

For now, Anthropic is focused on Project Glasswing and how it can help the world’s infrastructure-based organisation patch up software vulnerabilities, utilising the AI model. While some critics and followers have appreciated Anthropic’s restraint on releasing the Mythos model for profits and gains, others have questioned the lack of supporting data to verify if the new model is as dangerously capable as Anthropic says. 

What we know, however, is this – it is the first time a leading AI lab has built and then locked away a frontier model over dual-use risks since the early days of OpenAI’s GPT-2 restrictions.