WaveSpeedAI
← Blog

Claude Mythos 1: Access Status and What's Available

A 'Mythos 1' model briefly surfaced in Claude Code. Here's what's confirmed about Anthropic's Mythos access and what's still restricted.

By Dora 7 min read
Claude Mythos 1: Access Status and What's Available

A working note for builders trying to figure out whether they can actually use this thing.

I keep getting the same question this week: “Can I get into Claude Mythos 1 yet?” Short answer — no, almost certainly not. Longer answer — the situation is more layered than the headlines suggest, and the difference between Claude Mythos 1 showing up in a UI string and Claude Mythos 1 being something you can call from an API is the entire story. This note documents what I could verify, what’s still speculative, and what it means if your work doesn’t touch security research at all (which is most of us).

I’m writing this because the cluster of news around Mythos 1 has been muddy. Half the posts I’ve seen treat a model ID appearing in source code as a launch. It isn’t. Here’s what I found.

What “Mythos 1” actually is — and what it isn’t

The May 2026 sightings: “Mythos 1” and “claude-mythos-1-preview” in Claude Code

On May 23, 2026, TestingCatalog reported that some users briefly saw a “Mythos 1” model in the Claude Code UI, and new strings — including claude-mythos-1-preview — were spotted in the source code. The toggle was taken offline shortly after.

That’s the entire substance of the “Mythos 1 is coming” story. A model ID and a toggle string. Not a release. Not even an announcement.

Relationship to the original Mythos Preview announced April 7, 2026

Mythos Preview was announced by Anthropic on April 7, 2026 as a gated research preview — not a product. It was given to a small set of partners for cybersecurity work. The Glasswing program ran on it.

“Mythos 1” — or in full, the mythos 1 preview tag — looks like the productized version of that same model class, the API-facing name with a preview suffix. Looks like. I want to be clear: Anthropic has not confirmed Mythos 1 and the earlier Mythos Preview are the same model. The naming pattern matches the way Anthropic versions other models (preview → numbered release), but until there’s a public model card, this is a reasonable inference and nothing more.

Why a model ID appearing in source code is not a launch

A toggle in a UI tells you engineering is testing the surface. It does not tell you the model is ready, that pricing is decided, that safety evaluations passed, or that a release date exists. I’ve seen this pattern before with other vendors — feature flags show up weeks or months before anything ships. Treat the leak as a signal that something is being prepared, not as confirmation of what or when.

Where Mythos can be accessed right now

Project Glasswing partners (~50 vetted organizations)

Per Anthropic’s official Glasswing page, Mythos Preview is being used by Glasswing partners — over 50 organizations including Microsoft, Apple, Google, and Cloudflare. They get access at $25 / $125 per million input/output tokens after the initial credit pool. That’s not a sign-up form. It’s a hand-picked partnership program for organizations running critical infrastructure.

Claude Security in public beta for Enterprise

Claude Security launched in public beta for Enterprise customers. Important: it runs on Claude Opus 4.7, not on Mythos. Anthropic reports more than 2,100 vulnerabilities patched in three weeks using it. The Mythos 1 toggle that briefly appeared in Claude Security is the breadcrumb suggesting this product is being prepared as a future entry point for Mythos-class capability — but right now, what you can actually use is Opus 4.7-powered scanning.

Cyber Verification Program for vetted security professionals

There’s also the Cyber Verification Program — a pathway for red teamers, penetration testers, and vulnerability researchers to apply for access without some of the default safety constraints that block legitimate offensive security work. It’s gated. Application-only. Aimed at security professionals, not general builders.

What is not available

  • No general API access to Mythos.
  • No consumer access via claude.ai.
  • No public model card outside of partner contexts.
  • No published release date for Mythos 1.

If you’re not in Glasswing, not running Claude Security under an Enterprise contract, and not applying to the Cyber Verification Program — you cannot use Mythos right now. That’s the actual state.

What Anthropic has confirmed (and what they haven’t)

May 22, 2026 update: “Mythos-class models” as a future intent

On May 22, Anthropic stated publicly that “once we’ve developed the far stronger safeguards we need, we look forward to making Mythos-class models available through a general release.” This is the first public commitment to a broader rollout. The framing matters — “Mythos-class,” not “Mythos 1 on date X.” It’s intent, not schedule.

10,000+ high / critical vulnerabilities discovered

Glasswing’s first month yielded over 10,000 high- or critical-severity zero-day vulnerabilities. Of the 1,596 disclosed to maintainers, only 97 had been patched as of the May 22 update. That patching gap is the reason Anthropic gives for not releasing the model publicly yet — the offense / defense asymmetry is too steep.

No public release timeline

There isn’t one. Anyone telling you Mythos 1 launches on a specific date is guessing. Anthropic has explicitly said safeguards need to come first.

What signals to watch in Anthropic’s official channels

The actual launch signals — when they come — will be: a model card on docs.claude.com, a pricing page entry, a Glasswing program expansion announcement, or a Cyber Verification Program graduation. UI leaks don’t count as confirmation. They’re useful for tracking, not for planning.

Why this matters for builders

Most builders cannot access Mythos today and should plan accordingly

If your work is image generation, video, content production, marketing automation, or anything that isn’t autonomous coding or vulnerability research — Mythos is not a model you’ll use anytime soon, even if it does go public. The capability Claude Mythos Anthropics is selling here is cybersecurity and agentic coding, not creative output. It’s a cybersecurity-and-coding-focused class. The capability it’s known for is finding bugs in compiled software, not generating creative output. Pointing this out because I’ve seen people add Mythos to “AI tools to watch” lists in contexts where it has zero workflow relevance.

When restricted-preview models are worth tracking anyway

Two cases where tracking is justified even if you can’t use the model:

  1. You’re building anything that touches code generation, agentic coding, or developer tooling — Mythos-class capability will eventually land in those workflows.
  2. You’re building anything that depends on the security posture of upstream open-source libraries. The volume of zero-days being uncovered is going to reshape patching expectations.

Outside those two cases, this is news to file, not news to act on.

Thinking about availability across vendors when access is gated

The broader lesson: frontier models are increasingly arriving as restricted previews before general availability. The gap between “exists” and “you can call it” is widening. For builders, the practical posture is to plan around the models you can actually use today, and treat preview leaks as background information. Pre-committing to a model you can’t access yet — restructuring workflows around it, marketing capability you don’t have — is a worse trade than waiting for the model card.

FAQ

  1. When will Mythos be publicly released?

There is no official timeline yet. Anthropic has stated that stronger safeguards are needed first. The earliest possible limited access for some enterprises could be in June–July 2026, with general public access likely coming even later.

  1. Where is Mythos stronger than Claude Opus 4.7?

Mythos significantly outperforms Opus 4.7 in code generation, autonomous vulnerability discovery, and benchmarks like SWE-bench. It particularly excels at complex agentic tasks and real-world cybersecurity work.

  1. Can ordinary users or small teams use it now?

Basically no. Access is currently limited to Glasswing partners and large enterprises. Even on AWS Bedrock or Google Vertex AI, it remains in private preview only — no self-serve signup is available.

Previous Posts:

Share