project-glasswing-vulnerability-discovery

star 1

Methodology from Anthropic's Project Glasswing — using frontier AI models for large-scale cybersecurity vulnerability discovery and remediation. Based on May 22, 2026 initial update.

hiyenwong By hiyenwong schedule Updated 6/4/2026
play_arrow Run Skill in Manus View GitHub

name: project-glasswing-vulnerability-discovery category: ai_collection description: Methodology from Anthropic's Project Glasswing — using frontier AI models for large-scale cybersecurity vulnerability discovery and remediation. Based on May 22, 2026 initial update. tags: [anthropic, cybersecurity, vulnerability-discovery, glasswing, mythos-preview, ai-security]

Project Glasswing: AI-Powered Vulnerability Discovery

Methodology from Anthropic's Project Glasswing (May 22, 2026 update) — using frontier AI models for large-scale cybersecurity vulnerability discovery and remediation.

Core Concept

Collaborative effort using Claude Mythos Preview to find and fix critical software vulnerabilities at unprecedented scale. Progress limited by verification speed, not discovery speed.

Key Results (as of May 22, 2026)

  • 10,000+ high- or critical-severity vulnerabilities found across ~50 partner organizations in first month
  • Open-source scanning: 1,000+ projects scanned, 6,202 high/critical estimated (23,019 total), 90.6% true positive rate
  • 1,752 high/critical assessed: 90.6% valid true positives, 62.4% confirmed high/critical severity
  • ~3,900 high/critical projected in open-source alone
  • 10x+ increase in bug-finding rate for most partners
  • Cloudflare: 2,000 bugs found (400 high/critical), false positive rate better than human testers
  • Mozilla: 271 vulnerabilities in Firefox 150 — over 10x more than with Claude Opus 4.6
  • Palo Alto Networks: 5x as many patches as usual
  • Microsoft: "continue trending larger for some time" on new patches
  • Oracle: Finding and fixing multiple times faster than before
  • Bank partner: Mythos Preview helped detect and prevent a fraudulent $1.5M wire transfer

External Validation

  • UK AI Security Institute: Mythos Preview is the first model to solve both of their cyber ranges end-to-end
  • XBOW: Reports "significant step up over all existing models" on web exploit benchmarks
  • ExploitBench / ExploitGym: Mythos Preview shown as strongest performer
  • wolfSSL exploit: Mythos Preview constructed a working exploit for this widely-used cryptography library

Methodology

  1. AI model scans critical-path software for vulnerabilities
  2. Partners verify and triage findings (90.6% true positive rate)
  3. Coordinated vulnerability disclosure (90-day standard window)
  4. Patches rolled out, then findings disclosed
  5. External security research firms validate findings independently

Key Insight

"Progress on software security used to be limited by how quickly we could find new vulnerabilities. Now it's limited by how quickly we can verify, disclose, and patch."

Activation

glasswing, vulnerability discovery, AI security, cyber vulnerability, mythos preview, bug finding, offensive security, coordinated disclosure

Install via CLI
npx skills add https://github.com/hiyenwong/ai_collection --skill project-glasswing-vulnerability-discovery
Repository Details
star Stars 1
call_split Forks 0
navigation Branch main
article Path SKILL.md
Occupations
Engineers all other
More from Creator
hiyenwong
hiyenwong Explore all skills →