Sam Altman used a Core Memory podcast appearance to criticize Anthropic's positioning of Claude Mythos Preview, the restricted cybersecurity-focused model released earlier this month via Project Glasswing. Altman called the framing "fear-based marketing" and offered this line: "It is clearly incredible marketing to say, 'We have built a bomb, we are about to drop it on your head. We will sell you a bomb shelter for $100 million.'" Anthropic had announced up to $100 million in Project Glasswing usage credits for partner organizations; Altman's number appears to reference that commitment directly.
The substantive disagreement is whether Anthropic's Mythos restrictions reflect capability-based caution or commercial positioning. Anthropic's published red-team report contains concrete numbers — Mythos developed 181 working Firefox JavaScript exploits in attempts where Opus 4.6 managed only 2, landed 10 tier-5 (full control-flow hijack) findings on the OSS-Fuzz corpus where the predecessor managed zero, and discovered vulnerabilities decades old in OpenBSD, FFmpeg, FreeBSD NFS, and every major browser. Mozilla's own Firefox security collaboration with Anthropic (using Opus 4.6, the public tier below Mythos) produced 22 CVEs and 14 high-severity fixes in two weeks, around 20% of Mozilla's 2025 high-severity total. Altman did not engage with the specific benchmarks in his critique.
The exchange highlights a real tension in frontier AI commercial positioning. OpenAI has historically emphasized broad access; Anthropic has emphasized scaled safety frameworks tied to capability thresholds. The Mythos/Glasswing move is the most aggressive version of the latter to date: withhold from general release, distribute to vetted partners with financial incentives, use the restricted tier to publicly demonstrate defensive value. Altman's critique lands where it does because the $100M commitment is a visible dollar figure that can be reframed as a revenue model rather than a safety cost. That reframing is not obviously correct, but it is not obviously wrong either; it depends on whether one believes the capability asymmetry between Mythos and the public frontier is real enough to justify the access framework.
Two things to register for builders. One, if you ship products that depend on a specific lab's cooperation (API access, Bedrock or Vertex partnerships, preview-tier models), the lab's public safety posture matters as an input to your risk model, not just as industry background. Altman/Amodei-style public disagreements about capability framing can translate into access policy shifts on short timelines. Two, the test of whose framing is right will be empirical over the next twelve months. If Mythos-tier capabilities show up in the wild outside Project Glasswing and produce exploitation at the scale Anthropic's report describes, the "fear-based marketing" reading gets harder to sustain. If no such exploitation materializes, the "built-a-bomb" framing starts looking overwrought. Either way, the benchmark numbers and the eventual attack data will settle this, not the rhetoric.