Daniel Stenberg, the creator of cURL, has dismissed the performance of Anthropic’s Mythos AI model as more marketing than substance. After the AI system was deployed to scan the cURL codebase, it managed to identify only a single low-severity vulnerability—a result Stenberg suggests shows no evidence that the model outperforms existing modern code analysis tools in finding critical flaws or complex exploits.
The discovered issue is scheduled to receive a low-severity CVE and will be officially disclosed alongside the release of cURL 8.21.0 in late June. While the integration of AI into security audits is a growing trend, Stenberg’s reaction highlights a significant skepticism among veteran developers regarding the current effectiveness of Large Language Models in uncovering deep-seated architectural bugs compared to traditional, refined static analysis methods.
