RealMythos: Open-Source Reconstruction of Claude Mythos' Cybersecurity Reasoning Capability Stack

RealMythos is a phased open-source project aimed at publicly reconstructing the cybersecurity reasoning capabilities of Anthropic Claude Mythos. Starting from real vulnerability data, the project gradually builds high-quality reasoning datasets, trains open-source models, constructs reproducible vulnerability environments, and ultimately implements multi-agent tracking and collection infrastructure. Currently, the core delivery of the first phase has been completed, releasing a CVE-related security reasoning dataset to promote the democratization and open collaboration of AI security tools.

In the field of AI security, the technical details and training data of leading security reasoning systems like Claude Mythos are not publicly available, raising concerns about tool accessibility. RealMythos emerged as a response; its core idea is to make advanced security reasoning tools freely accessible to researchers, defenders, educators, and developers, supporting their use, review, reproduction, and improvement.

RealMythos views Claude Mythos as a complete capability stack, decomposed into five interconnected layers:

Layer 1: Real Vulnerability Data — Collects real vulnerability and fix data based on the Reef framework published by the team at ASE 2023; Layer 2: Reasoning Dataset — In the first phase, 6159 CVE-related C/C++ security reasoning records have been released for supervised fine-tuning; Layer 3: Open-Source Security Reasoning Model — Trains open-source large language models based on high-quality datasets (in the roadmap); Layer 4: Reproducible Software Environment — Constructs standardized vulnerability environments and testing infrastructure; Layer 5: Multi-Agent Tracking and Collection — Establishes collaborative tracking and verification infrastructure to implement an executable and auditable system.

RealMythos Phase 1 released over 6000 security reasoning records associated with real CVEs, with the following features:

• PoC-aware response: Includes proof-of-concept code analysis;
• Quality signal annotation: Each record is accompanied by quality evaluation metrics;
• Responsible use documentation: Includes supporting usage guidelines and liability statements;
• Complete data pipeline: The process from Reef raw data to training data is open-source.

The dataset is released on Hugging Face (huggingface.co/datasets/RealMythos/RealMythosReasoning) and a Google Drive mirror is provided.

RealMythos is based on two previous studies by the team:

1. Reef framework: Collects real vulnerability and fix data, published at ASE 2023;
2. API-guided dataset synthesis method: Used for fine-tuning large code models, with results to be published at OOPSLA 2025.

These works provide a methodological foundation and data infrastructure, extending to security reasoning data construction and model training, forming a complete closed loop.

RealMythos adopts a phased open-source strategy, releasing each layer after internal review. Currently, a GitHub repository, draft technical report, and Hugging Face dataset page have been established. Roadmap: Phase 2 develops open-source security reasoning models; Phase 3 constructs reproducible environments; Phase 4 implements multi-agent tracking infrastructure. Transparent progress supports community participation.

RealMythos provides an open-source alternative, establishing a new paradigm for layered open reconstruction of closed capability stacks, which can be referenced by other fields. It provides high-quality data resources for the research community; helps defenders respond to threats; and provides teaching resources for educators to cultivate security AI talents.

RealMythos challenges AI capability monopolies, proving that advanced AI security capabilities can be democratized through open collaboration. The advancement of subsequent phases will help form a more open, transparent, and auditable cybersecurity reasoning ecosystem.