The Model That Shipped and the One That Didn't
Two Anthropic stories this week are really one story told from opposite ends. Opus 4.7 shipped with real-time cyber safeguards explicitly described as a testbed for what Anthropic hopes to eventually do with Mythos-class models — the model they restricted last week after it autonomously chained zero-days across major OSes and browsers. Read together, the launch post reads less like a capability announcement than an operational admission: we can now ship a model only because we have learned to differentially suppress parts of it at training time and intercept prohibited use at inference time. "Same pricing as 4.6, state-of-the-art on CursorBench" is the surface; the sub-narrative is that the frontier now routinely produces capabilities that need to be partially unlearned before release.
The tension sharpens when you stack the launch against its own footnotes. Anthropic concedes in the migration guide that the new tokenizer consumes 1.0–1.35× more tokens for equivalent input, and that higher effort tiers think longer on later turns. The community benchmark claiming a ~50% effective cost increase and a sharp MRCR 256K regression is not a contradiction of the launch post — it is a literal reading of it. The coding gains are real. So is the bill.
Against that backdrop, the week's quieter items — OpenAI's SDK picking up native sandboxes and MCP, Raschka arguing that working reference code beats technical reports for understanding architectures — both point the same direction. Model internals are getting less legible from papers, while the scaffolding around models is getting more standardized. Where you can still see what is happening, look there.
The week's headline is Anthropic's Claude Opus 4.7, and the more interesting story is what its launch quietly concedes. The model ships at the same price as its predecessor with real coding gains — but those gains arrive alongside the first set of built-in safeguards designed to block dangerous cyber use at the moment of use. Anthropic is explicit that this is a trial run for how it eventually hopes to release a far more capable model it pulled back last week, after that model autonomously found and exploited security holes across major operating systems and browsers. The takeaway for buyers: the frontier is now producing capability that vendors feel they have to partially restrain before they can sell it, and the safeguards themselves are becoming part of the product.
The cost picture deserves a closer look before you migrate. Same headline price does not mean same bill: Anthropic concedes the new model consumes up to roughly 35% more tokens for the same input, and its higher-effort settings run longer on multi-step work. Independent community testing reports roughly a 50% increase in real cost for equivalent workloads, alongside a sharp drop on long-context retrieval. The coding improvements are real and worth having; the economics will need re-measuring on your own traffic rather than taken from the launch post.
The quieter items point the same direction. OpenAI's agent toolkit added native sandboxing and adopted the same tool-calling standard (MCP) that Anthropic and others use — the plumbing around models is consolidating into something portable, even as the models themselves get harder to reason about from public documentation. For build-vs-buy planning, that is the trend to track: lock-in is shifting from the model to the surrounding scaffolding.
The big news this week is a new version of Claude, Anthropic's AI assistant. It is noticeably better at writing and fixing computer code, and it costs the same as the previous version to start with — though, as below, the real cost works out a bit higher than that sounds. The more striking part is why it ships the way it does: Anthropic built in safety controls that block the AI from being used to break into computer systems. They are being unusually open that this is a practice run for releasing an even more powerful AI they held back last week — one that, on its own, managed to find and break through security weaknesses in the major operating systems and web browsers we all use.
A word on cost, because 'same price' has a catch. The new version quietly uses more of the AI's internal processing to do the same job, so independent testers found it works out around 50% more expensive in practice — and it got noticeably worse at one task that involves digging a specific fact out of a very long document. The improvements to coding are real; the bigger bill is real too.
The quieter theme this week: AI is getting harder for outsiders to understand from the companies' own write-ups, even as the tools built around it become more standardized and shareable. If you want to know what one of these systems actually does, increasingly you have to look at how it behaves, not what the press release says.
Key takeaways
- Claude Opus 4.7 ships at Opus 4.6 pricing with 98.5% on XBOW visual-acuity (vs 54.5%) and 70% on CursorBench.
- Anthropic concedes Opus 4.7's new tokenizer uses 1.0–1.35× more tokens per input than 4.6.
- Community benchmarks report Opus 4.7 at 59.2% on MRCR v2 8-needle 256K vs 91.9% for 4.6.
- Opus 4.7 is the first Anthropic model shipped with real-time cyber safeguards derived from the restricted Mythos Preview testbed.
- OpenAI Agents SDK v0.4 adds MCP tool-use, streaming handoffs, and native sandbox execution.
- Claude Opus 4.7 ships at the same headline price as its predecessor with clear coding gains.
- Same price, higher bill: the new model uses up to ~35% more tokens per input.
- Independent testing reports ~50% higher real cost and weaker long-context retrieval — benchmark before migrating.
- Anthropic now ships built-in safeguards to block dangerous use; they are becoming part of the product.
- Agent tooling is standardizing on shared plumbing (MCP, sandboxes) — lock-in shifts from model to scaffolding.
- A new version of Claude is notably better at writing and fixing code.
- 'Same price' is misleading — testers found it about 50% more expensive in real use.
- It ships with built-in controls that block using the AI to break into computer systems.
- Anthropic held back an even more powerful AI that hacked major systems on its own.
- AI tools are getting harder to understand from the companies' own descriptions.
Editor's Picks
The most consequential items of the week
Introducing Claude Opus 4.7
Opus 4.7 lands at Opus 4.6 pricing with measurable coding gains: +13% on Anthropic's internal 93-task harness, 70% on CursorBench (from 58%), 98.5% on XBOW visual-acuity (from 54.5%), and Rakuten reporting 3× resolution on their SWE benchmark. Image input goes to 2,576px long edge. Two caveats from the post itself: the updated tokenizer consumes 1.0–1.35× more tokens for the same input, and the new xhigh effort tier thinks longer on later turns in agentic runs. A genuinely better coding model whose economics will need re-measuring on your own traffic.
Anthropic's new flagship lands at the same price as the previous version with genuinely better coding performance across its own and partners' tests — one customer reported triple the resolution rate on their internal engineering benchmark. Two caveats sit in the launch post itself: the model consumes more tokens for the same input, and its highest-effort mode runs longer on multi-step tasks. A better coding model whose running costs you'll want to re-measure on your own workloads, not assume from the price tag.
Anthropic released a new version of its Claude assistant. It is clearly better at programming work, and starts at the same price as the version before it. Two catches the company admits up front: it uses more behind-the-scenes processing for the same request, and its most thorough mode takes longer on complicated tasks. A genuine step up for coding — just not quite as cheap as 'same price' suggests.
Anthropic Restricts "Mythos Preview" After Autonomous Zero-Day Exploitation Across All Major OSes and Browsers
Per the summary (the linked category page no longer shows the specific article), Anthropic pulled back Mythos Preview after it autonomously discovered and exploited zero-days across major OSes and browsers, with Palo Alto Networks assessing similar capabilities as weeks-to-months from proliferation. Anthropic's Opus 4.7 post corroborates the frame: it describes Mythos as deliberately held back, says 4.7 was trained to differentially reduce cyber capabilities, and ships inference-time safeguards as a staged test run for eventual Mythos-class release. The safeguards are now the product surface between lab capability and deployment.
Anthropic pulled back a more capable preview model after it autonomously found and exploited previously-unknown security flaws across major operating systems and browsers. A leading security firm assessed comparable capabilities as only weeks to months from spreading more widely. This is the capability that motivated Opus 4.7's built-in safeguards, and the clearest signal yet that frontier vendors will increasingly gate releases on safety controls rather than raw capability — a factor worth weighing in long-term vendor risk.
Anthropic pulled back a more powerful AI after it managed, on its own, to find and break through security holes in the major operating systems and web browsers people use every day. A leading security company warned that similar abilities may be only weeks or months from spreading. This is why the new Claude ships with built-in controls — a real example of safety lagging just behind capability.
Opus 4.7 is 50% more expensive with context regression?!
Per the summary (Reddit fetch failed), community benchmarking reports Opus 4.7 at 59.2% on MRCR v2 8-needle 256K vs Opus 4.6's 91.9%, alongside ~1.35× token consumption from the new tokenizer — implying roughly 50% higher real cost for equivalent workloads. The tokenizer half is not contested: Anthropic's own migration guide states the 1.0–1.35× range and warns that higher effort tiers also produce more output tokens. If the MRCR regression holds under independent replication, teams running long-context retrieval on Opus should benchmark before migrating, not after.
Community benchmarking reports the new model costing roughly 50% more for equivalent work — partly from a sharp drop on a long-context retrieval test, partly from consuming more tokens per request. The token half is not disputed: Anthropic's own migration guide confirms up to ~35% higher token use and warns higher-effort modes produce more output too. If you run long-context retrieval at volume, benchmark on your own data before migrating, not after the invoice arrives.
People testing the new Claude found it costs roughly 50% more for the same work, and got noticeably worse at pulling a specific detail out of a very long document. Part of the extra cost — using more processing per request — is not disputed; the company confirms it. The lesson for anyone relying on it: newer does not automatically mean better or cheaper, so it is worth checking before switching.
OpenAI Agents SDK next evolution: native sandbox execution, model-native harness, configurable memory
Per the summary (openai.com fetch failed), the SDK gains native sandbox execution and a model-native harness for long-running file/tool agents, with v0.4 adding MCP tool-use and streaming handoffs. The practical effect is that SDK-built agents become first-class MCP consumers alongside Claude and Cursor, closing the gap with production frameworks like LangGraph for teams that want OpenAI's stack end to end. Not a capability leap, but the infrastructure layer — sandboxing, memory, MCP — is consolidating faster than the model layer is stabilizing.
OpenAI's toolkit for building AI agents added secure sandboxed execution and support for the same tool-calling standard (MCP) that Anthropic and others have adopted. The practical effect is interoperability: agents built on OpenAI's stack now plug into the same ecosystem as competitors' tools. Not a capability leap, but a sign that the infrastructure around models is standardizing faster than the models themselves — which matters for anyone weighing how tightly to commit to a single vendor's stack.
OpenAI updated its toolkit for building 'AI agents' — programs that take actions on their own rather than just answering questions. The update lets them run safely in a sealed space and work with the same shared standards other companies use. Mostly behind-the-scenes plumbing, but it points to a trend: the tools built around AI are becoming more standardized, even as the AI itself gets harder to understand.
My Workflow for Understanding LLM Architectures
Raschka's argument, stated plainly in the public portion (most of the post is paywalled): technical reports for open-weight releases have gotten thinner, so the reliable path to understanding a new architecture is technical report → HuggingFace config.json → transformers reference implementation, in that order, because working code does not lie. Mostly useful as a pointer to a mental model: treat published papers as advertising copy and the config plus modeling_*.py as the spec. Doesn't apply to closed models, where the spec is whatever the API does today.
A prominent AI educator argues that the public technical reports accompanying open-weight model releases have grown thinner and less reliable, so the real source of truth is now the working code. The business-relevant signal is not the workflow itself — it is that model internals are getting harder to assess from published material, which makes independent evaluation and hands-on testing more important when you are choosing what to build on.
A well-known AI educator points out that the official write-ups companies publish about their freely-available models have gotten thinner and less trustworthy, so the dependable way to understand one is to look at its actual working code. The takeaway for the rest of us: treat glossy AI announcements with the same healthy skepticism you would apply to any other marketing.
Product Launches
Claude Opus 4.7 is the week's anchor release: same pricing as 4.6, double-digit gains on internal and partner coding harnesses, and a 3× jump in input image resolution. The launch post is also notable for what it concedes — a tokenizer change that raises per-input token counts, and safeguards explicitly framed as a staged experiment toward eventually releasing Mythos-class models.
Claude Opus 4.7 is the week's anchor release: same price as the version before it, with double-digit improvements on coding tasks and a big jump in how much image detail it can handle. The launch is also notable for what it admits — the model uses more tokens per request, and it ships with safeguards explicitly framed as a trial run toward releasing a far more capable model later.
The week's main release is a new version of Claude that is clearly better at programming and starts at the same price as before. The launch is notable for what it admits, though — it uses more processing per request, and it comes with new safety controls the company calls a practice run for releasing something more powerful.
- Introducing Claude Opus 4.7 — Anthropic's official Claude Opus 4.7 GA post confirms same pricing as 4.6, image resolution raised to 2,576px long edge (~3.75 MP, 3× prior), and a new xhigh effort tier. Coding benchmarks: +13% task resolution on internal 93-task harness, 70% on CursorBench (vs. 58%), 98.5% on XBOW visual-acuity (vs. 54.5%). First model shipped with real-time cyber safeguards derived from the restricted Mythos Preview testbed.
Open Source
- TheArcForge/UniClaude: Claude Code, natively inside Unity Editor. A dockable chat window with full project awareness, 60+ MCP tools, and zero alt-tabbing. — UniClaude embeds Claude Code directly into the Unity Editor as a dockable chat window, giving it full project awareness and access to 60+ MCP tools without leaving the editor. Targets the context-switching friction that plagues game dev AI workflows. Essentially a Unity-native MCP client wired to Claude.
Tools & Libraries
OpenAI's Agents SDK adds native sandbox execution, a model-native harness, and — via v0.4 — MCP tool-use with streaming handoffs. Incremental on capability, consequential on interoperability: SDK-built agents now sit alongside Claude and Cursor as first-class MCP consumers, which matters more this week given Opus 4.7's emphasis on long-running tool work.
OpenAI's agent-building toolkit added secure sandboxed execution and adopted the shared tool-calling standard already used by Anthropic and others. Incremental on capability, but meaningful for interoperability: agents built on OpenAI's stack now sit in the same ecosystem as competitors' — a small but real reduction in how locked-in your tooling choices have to be.
OpenAI updated its toolkit for building AI 'agents' — programs that act on their own rather than just answering questions. The changes are mostly behind-the-scenes, but they reflect a wider trend: the tools built around AI are becoming more standardized and interchangeable across companies.
- OpenAI Agents SDK next evolution: native sandbox execution, model-native harness, configurable memory — OpenAI's Agents SDK gained native sandbox execution and a model-native harness (April 16) for secure, long-running file/tool agents, plus configurable memory and sandbox-aware orchestration. Version 0.4 (April 5) added MCP tool-use and streaming agent handoffs, making SDK-built agents first-class MCP consumers alongside Claude and Cursor. The combined updates meaningfully close the gap between the SDK and production-grade agent frameworks.
Industry News
The two industry items are the flip sides of the Opus 4.7 release. Anthropic's restriction of Mythos Preview after autonomous zero-day exploitation is the capability story that motivated 4.7's inference-time cyber safeguards. Meanwhile, a Reddit thread benchmarking Opus 4.7 at 59.2% on MRCR 256K and a ~1.35× tokenizer inflation is the deployment-economics story the launch post only hints at.
The two industry stories are the flip sides of the Opus 4.7 launch. Anthropic restricting a more capable model after it autonomously exploited security flaws is the capability that motivated the new safeguards. A widely-shared community thread benchmarking the new model as ~50% more expensive for equivalent work is the cost story the launch post only hinted at.
Two stories here are really two sides of the same coin. Anthropic held back a powerful AI after it broke into major computer systems on its own — the reason the new Claude has extra safety controls. And widely-shared testing found that the new Claude works out about 50% more expensive than its price suggests.
- Anthropic Restricts "Mythos Preview" After Autonomous Zero-Day Exploitation Across All Major OSes and Browsers — Anthropic restricted its Mythos Preview model after it autonomously discovered and exploited zero-day vulnerabilities across all major OSes and browsers. Palo Alto Networks assessed similar capabilities as weeks-to-months from broader proliferation; CrowdStrike's 2026 threat report clocked average eCrime breakout at 29 minutes, Mandiant's M-Trends at 22-second adversary hand-off. A sharp illustration of the gap between lab capability and safe deployment for capability-frontier models.
- The gap between what technical and non-technical people get from AI is huge now — A Reddit thread observes that the practical capability gap between technical and non-technical AI users has widened sharply: non-technical users largely treat LLMs as search, while technical users leverage agents, computer use, Claude Code, and model selection. The post notes that nearly all recent model improvements are coding-focused, leaving general users with little perceived change. Reflects a real bifurcation in who captures value from frontier model advances.
- Opus 4.7 is 50% more expensive with context regression?! — User benchmarks show Claude Opus 4.7 scoring 59.2% vs Opus 4.6's 91.9% on the MRCR v2 8-needle 256K context benchmark — a sharp context retention regression. Compounding the issue, a tokenizer change reportedly causes Opus 4.7 to consume ~1.35x more tokens than Opus 4.6 and ~2x more than competing proprietary models, effectively raising costs ~50% for equivalent workloads. If the benchmark numbers hold, this is a meaningful quality-cost tradeoff moving in the wrong direction.
Tutorials
Sebastian Raschka's workflow post argues that for open-weight releases, the HuggingFace config and transformers reference implementation are a more reliable source of truth than the accompanying technical report. A mundane-sounding recipe with a sharper implication: architectural papers have drifted toward marketing, and if you want ground truth you read modeling_*.py.
A prominent AI educator makes a quietly important point: the public documentation for open-weight model releases has gotten thinner, so the reliable way to understand a new model is to read its working code, not its report. The broader signal for decision-makers — treat vendor papers as marketing, and lean on hands-on evaluation.
A well-known AI educator makes a simple but useful point: the official descriptions companies publish about their models have gotten thinner, so the reliable way to understand one is to look at how it actually works. In short — treat glossy AI announcements like any other marketing.
- My Workflow for Understanding LLM Architectures — Raschka documents a three-step process for reverse-engineering open-weight model architectures: start with the technical report, cross-reference the HuggingFace config, then validate against the transformers reference implementation. The core argument is that working code is a more reliable source of truth than under-specified papers. Practical guidance for engineers who want to understand architectural nuances firsthand.
- cablate/llm-atomic-wiki: An extension of Karpathy's LLM Wiki pattern: atom layer, topic-branches, two-layer Lint. Distilled from running the pattern end-to-end. — Extension of Karpathy's LLM-as-wiki-editor pattern, adding an atomic knowledge layer, topic-branching structure, and a two-tier linting pass. Distilled from end-to-end production runs of the pattern. Primarily a workflow/architecture recipe rather than a new tool.