Claude Mythos is the MIND of CLAWMYTHOS — frontier reasoning that out-finds all but the most elite human researchers at vulnerability discovery. Born in Project Glasswing at Anthropic, it is reproduced here as an open 8-phase agentic pipeline on Claude Opus 4.7, hunting live builds for roughly $1 a scan.
Claude Mythos is the reasoning core that powered Project Glasswing, Anthropic's initiative to secure critical software for the AI era. Its premise is blunt: AI has reached the point where it can out-find all but the most elite human vulnerability researchers. Across Glasswing partners, that translated into hundreds of high- and critical-severity bugs in production code, a 10×+ jump in bug-finding rate, and — at Cloudflare alone — 2,000 bugs surfaced, of which 400 were high or critical, contributing to roughly 10,000 high-severity flaws found across the program.
CLAWMYTHOS reproduces that capability in the open. Rather than an unreleased model, the pipeline runs on the public Claude Opus 4.7, wrapped in an agentic scaffold that turns a single repository into a stream of validated, severity-scored findings. The whole run lands at roughly $0.30–$1.50 — 25–50× cheaper than the $20–$50 of comparable commercial scans — which is what makes continuous, outside-in self-scanning of open-source software economically possible.
Each scan flows through a fixed sequence of phases. Earlier phases narrow a whole repository down to the handful of files most likely to hide an exploitable sink; later phases hunt those files adversarially against a live build, then validate every claim with a skeptical second pass before anything is reported.
Each file is hunted by K=3 independent hunters with different framing and strategy. pass@k diversity widens coverage — a bug one hunter walks past, another walks into.
Hunters don't just read code — they compile, run, and test it inside the sandbox against live builds, converting a plausible flaw into a reproduced one.
A self-challenge pass attacks each finding, then a skeptical validator backed by cross-session FP memory rejects anything it can't stand behind.
The same sink-guided method generalizes across the stack. Mythos hunts memory-safety and injection classes in C/C++, dynamic-language flaws in Python, PHP, and JS/TS, and lower-level issues in firmware, kernel, and web codebases — because the catalog of dangerous sinks travels even when the syntax does not.
Economics are the unlock. A full autonomous run costs roughly $0.30–$1.50 — about 25–50× cheaper than the $20–$50 of commercial equivalents — cheap enough to scan continuously rather than once.
Findings are committed with a SHA-3-256 hash at discovery time — a cryptographic hash-now, reveal-later proof that fixes provenance before any detail is disclosed. The framework ships under Apache-2.0 with a lawful-use posture and coordinated disclosure: maintainers are given the window to patch before anything goes public. Mythos is built to find flaws so they can be fixed — not weaponized.