There is now a Claude you can use, and a Claude that Anthropic will not give you. The gap between them is the most candid public statement any frontier AI lab has made about what its models are actually capable of.
On April 16, Anthropic released Claude Opus 4.7, the latest in its flagship Opus line. The model is a genuine improvement over its predecessor: notably stronger at software engineering, particularly the long-horizon work that previously required close human supervision. Vision resolution has tripled, accepting images up to 2,576 pixels on the long edge, with meaningfully better accuracy on chemical structures and technical diagrams. A new "xhigh" effort setting gives developers finer control over the tradeoff between reasoning depth and response latency. Pricing is unchanged at five dollars per million input tokens and twenty-five per million output tokens.
But the announcement included an unusual sentence. Opus 4.7, Anthropic said, is "less broadly capable" than Claude Mythos Preview, its newest frontier model. And unlike Mythos, Opus 4.7 has been deliberately trained with reduced cybersecurity capabilities.
Mythos, released on April 7 as part of Project Glasswing, represents a different category of AI entirely. In the weeks before its announcement, it had been used to identify thousands of previously unknown zero-day vulnerabilities across every major operating system and browser, including a flaw in OpenBSD that had gone undetected for 27 years and one in FFmpeg that survived 16 years of auditing and fuzzing. The performance gap against its predecessor is stark: on developing working Firefox exploits, Opus 4.6 succeeded twice across several hundred attempts; Mythos succeeded 181 times.
The capability gap was significant enough that Anthropic made the decision not to release Mythos publicly. Access is restricted to 12 named partner organizations through Project Glasswing: Amazon, Apple, Broadcom, Cisco, CrowdStrike, the Linux Foundation, Microsoft, and Palo Alto Networks, among others. The stated rationale is defensive: partners use Mythos to find and patch vulnerabilities before adversaries can exploit the same techniques.
The financial system has taken notice. Federal Reserve Chair Jerome Powell and Treasury Secretary Scott Bessent convened a meeting with major US bank chief executives on April 10 specifically to discuss Mythos and its implications for critical financial infrastructure. That a preview release restricted to twelve partners could prompt a coordinated briefing at that level suggests the practical stakes are already being taken seriously by people who do not usually convene emergency meetings about developer tools.
Opus 4.7 exists in this context as an intentionally limited product. It is Anthropic's most capable model for general deployment, made so partly by removing what makes Mythos dangerous in the wrong hands. The cybersecurity limitations in Opus 4.7 are not architectural constraints: they are choices. Anthropic is doing something that most technology companies quietly avoid: publicly acknowledging the gap between what it can build and what it considers safe to release, and then releasing the lesser version on purpose.
Whether this approach holds as capabilities continue to grow is the real question. The stratified model, where the powerful version is kept behind a controlled preview and the public version is deliberately hobbled, depends on that preview remaining actually controlled. For now, Opus 4.7 is the version you can build with. The other one is something else.