The tech world is divided on Anthropic’s Project Glasswing. Anthropic is taking a cautious approach, only granting early access to the Claude Mythos model to a limited set of partners including Microsoft, Cisco, the Linux Foundation and CrowdStrike. The criticism is predictable and not entirely invalid. Anthropic is gatekeeping, giving an unfair advantage for big tech and SMEs are left behind.
As someone heavily using AI, I understand that this isn’t about depriving competitive advantage, this is about responsible development.
Claude Mythos isn’t a better chatbot, it is something else entirely. It has demonstrated the ability to identify and chain zero-day vulnerabilities in major operating systems. Vulnerabilities that survived in the wild for over 25 years without known exploit.
When a tool reaches that level of capability, you can’t just throw it into the wind. An unrestricted API tomorrow doesn’t just empower small businesses, it hands every malicious actor a pandora’s box of tools capable of causing real harm.
Partnering with organisations in high-stakes sectors gives the maintainers of critical systems a window to respond. Letting experts in systems millions rely on explore the risks limits exposure where security isn’t a feature, it’s a prerequisite.
The argument for democratising AI is valid in principle. But it consistently ignores the gap between offensive capability and defensive infrastructure. Right now the sword is sharper than the shield. People may paraphrase Terry Pratchett’s Death “THAT WILL BE AN IMPORTANT LESSON” but responsible development means building the shield first, in a controlled environment, before distributing the sword. AI capabilities need balance, because often there is no putting the genie back in the bottle.
The technical advantage for SMEs and independent engineers isn’t in having the most dangerous tool first, it remains where it always has, in agility and innovation.