Reading Anthropic's Glasswing initial update

Anthropic's "Project Glasswing: An Initial Update" hit Hacker News with 281 points and 186 comments. The headline numbers — about 50 partners, more than 10,000 high- or critical-severity vulnerabilities found by Claude Mythos Preview in a month, a 90.8% true-positive rate on the externally-reviewed sample — are striking enough that the comment thread reads as a referendum on whether AI-driven vulnerability discovery is now a solved category.

The post is labeled "An Initial Update." That label is doing real work, and it is worth being precise about what it commits to.

An initial update commits to three things. It commits to a research direction — a frontier model with custom scaffolding aimed at finding vulnerabilities in critical software. It commits to a working partnership structure — about fifty named and unnamed partners running the same model against their codebases. And it commits to early result numbers: 23,019 candidate findings, 1,900 sampled for external review, 1,726 confirmed as true positives, plus partner-specific reports such as Cloudflare's 2,000 bugs with 400 classified high- or critical-severity.

It does not commit to a paper. It does not commit to a methodology that a third party can reproduce. It does not commit to a false-negative rate — the post reports true positives on a sample of candidates that already passed an internal filter, which is a different quantity from "what fraction of real bugs in the codebase did the system miss." It does not commit to a downstream outcome — bugs found is not the same as bugs patched in production, time-to-fix, regression rate, or net change in attack surface after disclosure. And it does not commit to an external reproduction. A 90.8% true-positive rate on Anthropic's externally-reviewed sample is a real number; it is also a number whose meaning depends on which 1,900 of 23,019 candidates were selected, and by whom.