In a weird sort of way it does. Consider all of the following
big companies are often incompetent and inefficient in a lot of ways
The mozilla foundation has confirmed the security issues that Anthropic found were real
Generally over the past few years, anthropic has some of the best, most reliable models
Claude code has been kinda bad for a while
Claude code has been mainly bot-written for a while as well. This can lead to functional, decent code that’s still terrible in many ways as seen from the leak. Also it’s entirely possible that bots are worse at detecting issues in bot written code. You could argue if they were good at it, they would be less likely to write those security issues in the first place?
Anthropic could have very skilled ml engineers but mediocre software developers
They don’t claim that it fixes issues, only that it finds them. Maybe they know about all the issues but can’t wade through the spaghetti well enough to do anything about them.
because their new tool is new and the leaked code for claude’s frontend was written before mythos was considered mature enough to throw at your codebase?
In a weird sort of way it does. Consider all of the following
On the other hand: if their new tool is so great, why haven’t they used it to fix Claude’s security issues?
I’ve seen Claude prompts. They specifically asked it to create secure code.
Oh, that’s fine then. I’m glad they’ve solved the problem.
Good thing they had their top people working on it.
I also add “don’t hallucinate” to all of my prompts. Works like magic!
They don’t claim that it fixes issues, only that it finds them. Maybe they know about all the issues but can’t wade through the spaghetti well enough to do anything about them.
sorry for the snark, but
They’re usually stupid enough to footgun their own brand too
because their new tool is new and the leaked code for claude’s frontend was written before mythos was considered mature enough to throw at your codebase?