Anthropic confirmed on March 26 that it is testing a new AI model called Claude Mythos after a data leak exposed draft announcements and nearly 3,000 unpublished assets from the company’s blog infrastructure. An Anthropic spokesperson told Fortune the model represents “a step change” in performance and is “the most capable we’ve built to date.”

The leak occurred through what Anthropic described as a “human error” in the configuration of its content management system, which left draft blog posts and other unpublished material in a publicly accessible and searchable data store. Security researchers Roy Paz of LayerX Security and Alexandre Pauwels of the University of Cambridge independently located and reviewed the material, according to Fortune’s exclusive report. Anthropic locked down the data store after Fortune contacted the company.

A New Model Tier Above Opus

Mythos introduces an entirely new tier in Anthropic’s model hierarchy. The draft blog post reviewed by Fortune refers to this tier as “Capybara” — larger and more capable than the Opus tier, which was previously Anthropic’s most powerful line. Until now, Claude models have shipped in three sizes: Haiku (smallest/cheapest), Sonnet (mid-range), and Opus (largest/most capable).

“Compared to our previous best model, Claude Opus 4.6, Capybara gets dramatically higher scores on tests of software coding, academic reasoning, and cybersecurity, among others,” the draft blog post stated, according to Fortune.

Anthropic confirmed the performance claims directly. “We’re developing a general purpose model with meaningful advances in reasoning, coding, and cybersecurity,” a spokesperson told Fortune. “Given the strength of its capabilities, we’re being deliberate about how we release it.”

Cybersecurity Capabilities That Worried Anthropic

The draft blog post described Mythos as “currently far ahead of any other AI model in cyber capabilities” and warned that it “presages an upcoming wave of models that can exploit vulnerabilities in ways that far outpace the efforts of defenders,” according to Fortune’s review.

That assessment shaped the entire rollout strategy. Rather than a standard launch, Anthropic is giving select cybersecurity organizations early access so defenders can harden their systems before the model becomes widely available. The company is reportedly planning to expand access through the Claude API over the coming weeks, with cybersecurity use cases getting priority, the Times of India reported.

The model is also expensive to run. The draft flagged Mythos as a large, compute-intensive model, costly for both Anthropic to serve and customers to use. Anthropic is reportedly working to improve efficiency before any general release, which means a broad launch was likely not imminent even without the safety concerns.

What This Means for Agent Builders

Mythos arrives during a week when Anthropic is at the center of multiple storylines: the Pentagon injunction ruling, a reported IPO consideration, and Jack Clark’s rare long-form interview on agents and labor displacement. For builders currently choosing between Claude agents and OpenClaw’s autonomous tooling, the model’s capabilities are directly relevant.

If Mythos delivers on its benchmarks in real-world agent deployments, it could substantially close the gap between Claude’s API-based agent capabilities and OpenClaw’s local autonomous execution. The model’s apparent strength in cybersecurity tasks is particularly notable at a moment when the OpenClaw ecosystem is grappling with its own security crisis across the ClawHub marketplace.

The timing also echoes OpenAI’s February release of GPT-5.3-Codex, which OpenAI classified as its first model with “high capability” for cybersecurity tasks under its Preparedness Framework, Fortune reported. Frontier labs are now openly acknowledging that their most capable models carry dual-use risk in cybersecurity, and structuring releases around that reality.

No public timeline exists for Mythos’s general availability. Anthropic has not formally confirmed the Capybara tier name or the full contents of the leaked draft.