Technology · May 13, 2026 · 5 min read

The creator of curl doesn't hold back: "The hype around Mythos is mostly marketing"

curl is an open-source library and command-line tool for transferring data over the network, developed by Daniel Stenberg since 1998. It supports over 20 protocols, including HTTP, HTTPS, FTP, SMTP, IMAP, and others, and is integrated into almost every operating system, smartphone, connected car, and IoT device on the market. With around 20 billion active installations, it is one of the most widely used software components in the world.

The model that Anthropic presented last April as potentially too dangerous for public release analyzed the curl codebase, which consists of 178,000 lines of C spread over 660,000 words (a codebase more extensive than the entire English edition of War and Peace) and returned five vulnerabilities that it confidently defined as "confirmed."

To recount how it went, we turn to Daniel Stenberg, the creator and lead developer of curl, in a post published on May 11. After hours of analysis conducted alongside his security team, four of the five findings from Mythos were dismissed: three were false positives referring to behaviors already documented in the APIs, and the fourth was a simple bug without security implications. The only real vulnerability will receive a low-severity CVE, expected with the curl 8.21.0 release by the end of June 2026.

curl, a territory already well-trodden

Properly framing the result requires a bit of context: in the eight to ten months preceding the scan with Mythos, curl had already been meticulously examined by AISLE, Zeropath, and OpenAI Codex Security, which collectively generated between 200 and 300 bug fixes in the repository and a dozen or more published CVEs. Additionally, curl uses continuous fuzzing, traditional static analyzers with aggressive compilation options, and pull request reviews through GitHub Copilot and Augment Code. Mythos therefore analyzed a codebase that, as the report itself admits, is "one of the C codebases that has received the most analytical attention ever." In the hot paths (HTTP/1, TLS, URL parsing), Mythos found nothing; these are the sections of code that have received the majority of analytical attention over the years.

Stenberg comments frankly: "I see no evidence that this system finds issues at a higher or more advanced level than the other tools that have preceded us." The verdict is that perhaps Mythos is slightly better, but not to a degree that would significantly change the landscape of code analysis. Stenberg does not mince words: on a codebase of 20 billion installations, 110 operating systems, 28 CPU architectures, and thirty years of history, the model presented as "the most dangerous in the world" produced only one low-severity CVE on 178,000 lines of one of the most audited codebases in the world. The word he uses, with the same bluntness, is "marketing."

Denied access to Mythos

There is a procedural detail that Stenberg recounts without hiding the embarrassment of the situation. As part of Project Glasswing (the initiative through which Anthropic distributed access to Mythos to selected partners including Apple, Google, Microsoft, Nvidia, and AWS), the Linux Foundation had also included open-source projects via Alpha Omega. Stenberg signed a contract to gain direct access to the model.

After weeks of waiting, communications about difficulties, and still no access to Project Glasswing, an alternative proposal arrived: someone with access to the model would run the scan for him and deliver a report. Stenberg accepted, but the matter is far from trivial: curl is a critically relevant project installed in every smartphone, tablet, car, and server on the planet. The fact that its main maintainer did not receive direct access to Mythos, despite a signed contract, suggests that access management was handled in a not particularly transparent manner. Moreover, without knowing who this anonymous operator was, it is unclear with what depth or with which prompts the scan was conducted.

Aside from the only confirmed vulnerability, the Mythos report produced about 20 bugs described with a level of technical detail that Stenberg views positively: "very few false positives, so I assume they used a reasonably high certainty threshold." The team examines the bugs one by one, and the valid ones are fixed. The analysis did not highlight any vulnerabilities related to memory safety, consistent with curl's defensive infrastructure, which has for years adopted internal mechanisms that structurally limit the attack surface, from boundary checks on numerical operations to constrained management of buffers and string formats.
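As an added illustration of what "boundary checks on numerical operations" and "constrained management of buffers" mean in practice (this is not curl's own code, and `BBUF_MAX` and the function names are assumptions): a growable buffer with a hard size cap, where every length computation is checked before it can wrap and a failed append leaves the buffer untouched.

```c
/* Added illustration, not curl's code: a bounded growable buffer whose size
 * arithmetic is overflow-checked and whose total size can never exceed a cap. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define BBUF_MAX 64   /* hypothetical hard cap in bytes (excluding the NUL) */

typedef struct {
    char *data;
    size_t len;   /* bytes in use, excluding the terminating NUL */
    size_t cap;   /* bytes allocated, including the terminating NUL */
} bbuf;

static void bbuf_init(bbuf *b) { b->data = NULL; b->len = 0; b->cap = 0; }
static void bbuf_free(bbuf *b) { free(b->data); bbuf_init(b); }

/* Overflow-checked addition: 0 on success, -1 if a + b would wrap around. */
static int checked_add(size_t a, size_t b, size_t *out) {
    if (a > SIZE_MAX - b) return -1;
    *out = a + b;
    return 0;
}

/* Append n bytes of src. Returns 0 on success, -1 on arithmetic overflow,
 * cap exceeded, or allocation failure; on failure the buffer is unchanged. */
static int bbuf_append(bbuf *b, const char *src, size_t n) {
    size_t need;                                  /* len + n + 1 (for NUL) */
    if (checked_add(b->len, n, &need) || checked_add(need, 1, &need)) return -1;
    if (need > BBUF_MAX + 1) return -1;           /* hard cap: refuse, do not grow */
    if (need > b->cap) {
        size_t newcap = b->cap ? b->cap * 2 : 16;  /* cap <= BBUF_MAX+1, so no wrap */
        while (newcap < need) newcap *= 2;
        if (newcap > BBUF_MAX + 1) newcap = BBUF_MAX + 1;
        char *p = realloc(b->data, newcap);
        if (!p) return -1;
        b->data = p;
        b->cap = newcap;
    }
    memcpy(b->data + b->len, src, n);
    b->len += n;
    b->data[b->len] = '\0';
    return 0;
}

int main(void) {
    bbuf b; bbuf_init(&b);
    printf("append 'hello': %d\n", bbuf_append(&b, "hello", 5));   /* 0 */
    printf("append 60 more: %d\n", bbuf_append(&b, "", 0) == 0 && b.len == 5 ? -1 : 0);
    bbuf_free(&b);
    return 0;
}
```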

AI to analyze code

Stenberg does not conclude with a rejection of AI tools for code security. His position is more nuanced: Mythos is not extraordinarily superior to the others, but the entire category of AI code analyzers is significantly more effective than traditional analyzers. Anyone who has not yet scanned their code with these tools will almost certainly find a high number of flaws, bugs, and potential vulnerabilities. The difference lies not between Mythos and previous models but between any modern AI analyzer and what existed before.

Regarding the specific behaviors that distinguish these tools from classic SASTs, Stenberg lists a series of concrete capabilities: they detect inconsistencies between comments and code, analyze platforms and configurations where conventional analyzers cannot run, "know" the APIs of third-party libraries and can identify mistaken assumptions about them, and can compare the implementation against the protocol specifications. Nothing theoretically new, but in practice no previous tool was capable of doing it at scale and with this quality of output.

Stenberg closes the post hoping for new iterative scans with Mythos and other models, "until they really stop finding new problems."