The timing compounds the concern. Security researcher Chaofan Shou discovered that Anthropic accidentally exposed approximately 500,000 lines of Claude source code across nearly 2,000 files to the public npm registry between late March and early April 2026. The leak was mirrored on GitHub over 41,500 times before remediation. Mythos appears to be the first model class trained at scale on Blackwell hardware, with additional infrastructure in development.
Attorneys should monitor two developments. First, the substantive shift in how AI safety is framed—from AI-as-threat to human code-as-threat—may reshape liability and disclosure obligations for companies deploying frontier AI systems. Second, the Claude leak itself raises immediate questions about Anthropic's operational security and code governance practices, particularly given the company's prominent role in AI safety advocacy. Any litigation involving Anthropic's security posture or third-party reliance on its systems should account for this incident and the exposed implementation details now in public circulation.