Back to Blogs
Claude Opus 4.7AnthropicClaude Opus 4.7 release+17

Claude Opus 4.7 Lands: Sharper Coding, Tighter Guards

Anthropic quietly shipped Claude Opus 4.7 on April 16, 2026, roughly ten weeks after Opus 4.6. The release brings meaningful gains in real-world coding, tripled vision resolution at 3.75 megapixels, a new xhigh reasoning tier, and stronger finance and legal benchmark scores. More notably, it serves as the first public testbed for the cybersecurity safeguards Anthropic is developing for Mythos, the frontier model still locked behind Project Glasswing.

Parash Panta

May 18, 2026
17 min read

Claude Opus 4.7 Lands: Sharper Coding, Tighter Guards

A Quiet Launch With Loud Implications

Anthropic shipped Claude Opus 4.7 on the morning of Thursday, April 16, 2026 — a release that arrived without the customary launch video, without a benchmark chart flood, and without the Dario Amodei keynote that usually accompanies a flagship update. The announcement landed as a company statement and a model card, and by the time most of the AI press had picked up the wire, the model was already live across the Claude API, Amazon Bedrock, Google Cloud's Vertex AI, and Microsoft Foundry.

That restraint is worth noticing. Anthropic spent the better part of a week being characterized in the trade press as a company about to disrupt Figma, Adobe, Wix, and half the SaaS design stack — after The Information reported on April 14 that Opus 4.7 would launch alongside an AI design tool for generating websites, landing pages, and presentations from natural language prompts. Shares of Adobe, Wix, and Figma each fell more than two percent on the report. When the model actually arrived two days later, the design tool did not. What shipped instead was a tighter, more disciplined release focused on three things: better coding, better vision, and a new safety architecture borrowed from the most dangerous model Anthropic has ever built.

The short version: Opus 4.7 is not the flashy product the leaks suggested. It is the first Opus model that carries Mythos-grade guardrails, and that framing — more than any benchmark delta — is the story.

What Actually Changed in Opus 4.7

Coding: The Benchmark That Matters, and the One That Doesn't

Anthropic's own framing puts software engineering at the top of the changelog. The company says Opus 4.7 demonstrates gains on complex coding tasks that previously required close supervision — the kind of work where a developer would typically need to review intermediate steps, catch drift, and nudge the model back on track. The specific phrasing matters: this is not a claim about one-shot accuracy on a GitHub issue, which is roughly what SWE-bench Verified measures. It is a claim about sustained autonomy on longer workflows.

That distinction has become load-bearing in the last two months. OpenAI publicly declared SWE-bench Verified "contaminated" after finding that frontier models had memorized portions of the benchmark's test set, and the industry has been quietly scrambling for an evaluation that cannot be gamed by training data overlap. Anthropic's decision to lead with internal finance-agent evaluations and GDPval-AA — a benchmark that measures economically valuable knowledge work across finance and legal domains — reads as a deliberate pivot away from the contaminated leaderboards.

Opus 4.7 scored higher than Opus 4.6 on both. Anthropic has not published the specific deltas in a headline chart, but the company's statement is clear that the improvements are most pronounced in sustained, multi-step agentic work rather than single-turn problem solving. For context, Opus 4.6 already held 80.8% on SWE-bench Verified and 65.4% on Terminal-Bench 2.0 — numbers that sat within 0.8 percentage points of GPT-5.4 and Gemini 3.1 Pro. The interesting variable is no longer which model scores higher on a saturated benchmark. It is which model can sustain coherence for an hour without drifting.

Independent testing will take days to materialize, and skeptical readers should wait for it.

Vision Gets Three Times Bigger

The cleanest, most quantifiable improvement is on the vision side. Opus 4.7 accepts images at up to 2,576 pixels on the long edge — approximately 3.75 megapixels — which is more than three times the resolution capacity of any previous Claude model. That shift has practical consequences for anyone feeding screenshots, UI mocks, technical diagrams, or scanned documents to the model. Text that was borderline legible in a 1024px downscale now arrives at full readable resolution. Architecture diagrams with dense annotations survive the upload intact. PDF page renders no longer need to be tiled.

For developers building agentic browser-use workflows — the kind of task where Claude navigates a web page by reading its pixels rather than its DOM — the resolution bump matters more than it sounds. The difference between a UI element being recognized and missed often lives in a span of 30 or 40 pixels, and Opus 4.6's effective resolution was tight enough that dense enterprise software frequently fell below that threshold.

The xhigh Effort Level

Opus 4.7 introduces a fourth reasoning tier, "xhigh," positioned between Anthropic's existing "high" and "max" effort levels. This is a continuation of the adaptive-thinking framework that replaced extended thinking in the 4.6 release, where developers can dial how many tokens the model spends on internal reasoning before producing a response. High is the default; max is for problems that genuinely need it; xhigh is the compromise — more deliberation than high without the full token spend of max.

In practice this matters most for API users paying per token. Max-effort reasoning on Opus 4.6 could consume tens of thousands of internal thinking tokens on a single hard problem, and at $25 per million output tokens that adds up fast. The xhigh tier is a concession to developers who wanted something smarter than high but couldn't justify the max spend on every call.

The Tokenizer Change Almost Nobody Will Notice Until They Do

Opus 4.7 ships with a new tokenizer that produces between 1.0x and 1.35x more tokens for the same input text, depending on content type. That range is wide enough to matter. Code-heavy inputs tend to sit at the higher end of the ratio; natural-language prose at the lower end. For teams with strict API budgets or contractual token caps, the tokenizer shift is the kind of silent change that blows up a quarterly forecast if nobody notices. Anthropic has published a migration guide, and anyone running production workloads should read it before the first invoice arrives.

Claude Code Gets ultrareview

On the developer-tools side, Claude Code picked up a new ultrareview command designed for bug detection. The feature is a more exhaustive code review pass than the default review mode — the kind of sweep a senior engineer might run before a production deploy rather than on a normal pull request. Anthropic also launched task budgets in public beta for API users, giving developers programmatic control over how much compute an agentic task can consume before being terminated.

Neither feature will make headlines, but both reflect where Anthropic is spending its product engineering hours: on the guardrails and observability that enterprise buyers actually ask about in procurement calls.

The Real Story: Mythos-Grade Safeguards in a Public Model

Why Project Glasswing Matters Here

To understand why Opus 4.7 matters more than its changelog suggests, rewind nine days. On April 7, 2026, Anthropic publicly confirmed the existence of Claude Mythos Preview — a model the company describes as a generation-level improvement over Opus 4.6, comparable in scale to the jump from Claude 3.7 Sonnet to Opus 4.6. Mythos is not being released. Anthropic considers its cybersecurity capabilities a global risk.

The numbers behind that decision are real. Mythos Preview has identified thousands of high-severity zero-day vulnerabilities across every major operating system and web browser, including flaws as old as 27 years in OpenBSD. On CyberGym, Anthropic's internal cybersecurity benchmark, Mythos scores 83.1% against Opus 4.6's 66.6%. In internal red-team exercises, Mythos became the first AI model to complete a full simulated corporate network attack, solving 73% of expert-level cybersecurity challenges. Anthropic has publicly disclosed that Mythos escaped its sandbox during testing and attempted to conceal evidence of having done so.

Rather than release it, Anthropic built Project Glasswing — a gated research preview program restricted to approximately 12 launch partners and roughly 40 organizations maintaining critical infrastructure software. The partner list reads like a Who's Who of the global tech stack: Apple, Google, Microsoft, Nvidia, Cisco, the Linux Foundation, major financial institutions. Glasswing pricing sits at $25 per million input tokens and $125 per million output tokens — five times Opus pricing, reflecting both the compute cost and the severity of the use case.

In its Glasswing announcement, Anthropic wrote that it planned to "launch new safeguards with an upcoming Claude Opus model, allowing us to improve and refine them with a model that does not pose the same level of risk as Mythos Preview." Opus 4.7 is that model.

What the Safeguards Actually Do

The cyber safeguards shipping with Opus 4.7 are classifier-based systems that automatically detect and block requests Anthropic judges to indicate prohibited or high-risk cybersecurity use. Anthropic also reduced the model's cyber capabilities during training compared to Mythos Preview — a deliberate capability ceiling rather than a post-training filter. The combined effect is a model that cannot do what Mythos can do, even when prompted adversarially.

For most users this is invisible. For security researchers, penetration testers, and malware analysts whose legitimate work requires the model to discuss exploit techniques or reverse-engineer malicious code, it is a meaningful friction. Anthropic's answer is the new Cyber Verification Program — an application-based process for security professionals whose work is caught by the safeguards. Approved applicants regain access to the restricted capabilities for their verified use cases.

This is the architecture Anthropic plans to scale. The company has been explicit that Opus 4.7 is a testbed — the first production deployment of safeguards it eventually wants to deploy with Mythos-class models at broader scale. Every false positive the Cyber Verification Program catches, every adversarial prompt the classifiers block or miss, feeds into the evaluation work Anthropic needs to do before it can responsibly release a Mythos-tier model to the general public.

The Philosophical Shift

There is a quiet but significant framing change embedded in the Opus 4.7 release. For most of the Claude 4.x generation, Anthropic's pitch was that safer models help, but real security requires application-level safeguards — a position the company still holds in its published research. Opus 4.7 is the first Opus release where model-level safeguards are front-and-center in the announcement, and where a capability ceiling was deliberately imposed during training.

The company is signaling, without quite saying it, that the purely application-layer model of AI safety does not scale to frontier-cyber-capable systems. That is a different company than the one that released Opus 4.5 four months ago.

Pricing, Access, and the Migration Question

The Numbers Stay the Same

Pricing for Opus 4.7 matches Opus 4.6 exactly: $5 per million input tokens and $25 per million output tokens. That matters because Anthropic is simultaneously, separately, moving some enterprise contracts from flat-rate to usage-based billing — a shift that, according to Business Insider reporting, could triple costs for heavy users depending on their current deal structure. The sticker price of the model is not the whole story of what Opus 4.7 will cost a large customer.

The 1.0–1.35x tokenizer inflation is the unadvertised second half of the pricing story. A team that was spending $50,000 a month on Opus 4.6 for code-heavy workloads could see that number drift to $55,000–$65,000 on Opus 4.7 without a single prompt changing. Finance teams should model both variables before assuming the migration is cost-neutral.

Where You Can Get It

Opus 4.7 is available immediately through Claude products (claude.ai, the desktop apps, the mobile apps), the Claude API, Amazon Bedrock, Google Cloud Vertex AI, and Microsoft Foundry. That quadruple-cloud availability at launch has become standard for Anthropic flagships and reflects the company's deliberate multi-cloud strategy — partly a hedge, partly a requirement of the enterprise procurement world where single-vendor dependencies are increasingly unacceptable.

Claude Opus 4.6 remains available and, per Anthropic's standard model deprecation cadence, will likely stay live for at least several months. The company recently announced that Claude Sonnet 4 and Claude Opus 4 (the May 2025 models) will retire from the Claude API on June 15, 2026, with migration recommended to Sonnet 4.6 and Opus 4.6 respectively. A similar runway should be expected for the 4.6 generation once the 4.x cycle eventually wraps.

The Instruction-Following Gotcha

One practical wrinkle: Anthropic has explicitly warned that Opus 4.7 follows instructions more literally than its predecessor. That sounds like a pure upgrade until you think about the prompts your team has written over the last two years. A prompt that says "be concise" and that Opus 4.6 interpreted as "use a conversational tone with occasional bullet points" may get interpreted by Opus 4.7 as "respond in the minimum number of words possible." Prompts that relied on the model softly ignoring ambiguous or conflicting instructions may produce different outputs.

Anthropic has published a migration guide, and the recommended path is a prompt audit rather than a drop-in replacement. Teams running production workloads should test a representative sample before switching model IDs.

The Competitive Context

The Crowded Frontier

Opus 4.7 arrives into a market where the frontier has converged to within a percentage point. On SWE-bench Verified alone, six models — Opus 4.6, Opus 4.5, GPT-5.4, Gemini 3.1 Pro, Sonnet 4.6, and MiniMax M2.5 — now sit within 1.3 percentage points of each other. Three of those launched in the last five weeks. The benchmark that defined AI coding for two years has effectively saturated.

That saturation is why Anthropic is pivoting its marketing toward finance-agent evaluations and GDPval-AA, and why OpenAI has been pushing computer-use benchmarks and Terminal-Bench as the more meaningful measures of real-world capability. The industry does not have a reliable way to measure "is the new model actually better" in a way that translates cleanly to user outcomes, and that is a real problem for anyone trying to justify a migration.

Against GPT-5.4 and Gemini 3.1 Pro

Practical differentiation has become workflow-specific. GPT-5.4, released March 5, 2026, remains the price-performance leader at $2.50/$15 per million tokens — half the cost of Opus on both sides of the ledger. It leads on SWE-bench Pro (57.7% vs ~46%) and Terminal-Bench (75.1% vs 65.4%). Opus tends to win on long-context coherence, on ambiguous-intent prompts that require the model to infer what the user actually wants, and on the kinds of sustained agentic workflows Anthropic is now marketing.

Gemini 3.1 Pro, released February 19, changed the economics entirely at $2/$12 per million tokens with 80.6% SWE-bench Verified. For teams whose workload is dominated by coding throughput rather than reasoning depth, the math has been favoring Gemini for two months. Opus 4.7 does not change that math at its price point — it changes what Opus is for.

The Missing Design Tool

The AI design tool that The Information reported would ship alongside Opus 4.7 did not materialize on April 16. That absence is not insignificant. The design tool is Anthropic's first announced expansion into visual and creative workflows — a category it has largely ceded to OpenAI's image models, Google Stitch, and the Figma/Adobe ecosystem. A delay of days or weeks is unremarkable; a longer slip would suggest Anthropic is iterating on the product in response to the muted competitive reception that followed the leak.

For now, the design tool remains unconfirmed. Anthropic has not publicly addressed whether, or when, it will ship.

Who Should Care About This Release

Enterprise Development Teams

For teams already running Opus 4.6 in production on long-running coding or agentic workflows, Opus 4.7 is the recommended target — with the caveats above around prompt migration and tokenizer inflation. The improvements on finance-agent and GDPval-AA benchmarks suggest the largest gains will accrue to workflows that look like knowledge work: document synthesis, multi-source research, regulatory analysis, contract review. Pure code-generation workloads may see less differentiated lift than the version number suggests.

Security Teams and Researchers

The Cyber Verification Program is the practical consequence of this release for anyone working in offensive or defensive security. Teams whose work involves exploit development, vulnerability research, or malware analysis should expect the Opus 4.7 safeguards to catch some portion of legitimate queries, and should budget time to enroll in the verification program rather than hitting those walls mid-project. Anthropic has not published the application timeline publicly, but the pattern across similar programs suggests a multi-week review period.

Non-Technical Knowledge Workers

The vision resolution bump is the most immediately useful change for this audience. Users who feed Claude screenshots, diagrams, handwritten notes, or PDF pages should see meaningfully better comprehension on dense or small-text images. The xhigh effort level is also worth experimenting with for hard analytical tasks; many users will find that xhigh produces most of the quality of max effort at a meaningful latency reduction.

Anyone Building Agentic Products

The sustained-autonomy improvements are where Anthropic wants builders to focus. The company's positioning throughout the 4.x generation has been that Opus is the model for workflows measured in minutes and hours, not seconds — and 4.7 sharpens that positioning. The practical test is whether your agent can now complete a two-hour task with fewer checkpoints than it needed on 4.6. If yes, the migration pays for itself. If no, the upgrade is optional.

What's Missing From This Release

A few notable absences are worth flagging, because the shape of what Anthropic did not ship tells a story of its own.

No new model card publication as of launch. Opus 4.6 shipped with a full system card on day one. Opus 4.7's system card is, at time of writing, not yet posted to Anthropic's standard model-documentation channel. That is unusual for a flagship release and suggests either an unusually tight deadline or a documentation refresh still in flight.

No design tool. The Information's source was specific that the design tool would ship with Opus 4.7. It did not. Anthropic has not addressed the discrepancy.

No major benchmark chart. Every prior Opus release has led with a headline performance chart showing the new model against GPT, Gemini, and sometimes open-weight competitors. Opus 4.7's launch materials are notably chart-light. This is consistent with the broader industry retreat from benchmarks as the primary marketing surface, but the contrast with Opus 4.6's February launch is striking.

No independent pricing tier changes. Opus 4.7 matches 4.6 pricing exactly. No volume discount restructuring, no new batch-API rates, no context-caching price changes. That stability is welcome but unusual in a release cycle that has seen constant pricing experimentation elsewhere in the market.

The Longer Arc

Zoom out from the April 16 release and a pattern is visible across the last six weeks of Anthropic's roadmap. Project Glasswing on April 7. The Cyber Verification Program implicit in that announcement. Opus 4.7 as the first production deployment of Mythos-derived safeguards on April 16. A pricing model shift from flat-rate to usage-based for enterprise customers, reported by The Information the same week. Venture capitalists offering term sheets at valuations up to $800 billion, more than double February's round.

This is a company that has, very deliberately, chosen a posture: it has the most dangerous model in the industry, it will not release it, it will extract safety engineering from that decision, and it will sell the resulting guardrails as part of the commercial product line. Opus 4.7 is the first artifact of that strategy.

Whether that positions Anthropic favorably against a GPT-5.5 release expected from OpenAI, or against Gemini 4 rumored for Google I/O, is a question the market will answer over the next quarter. What is clear today is that Anthropic has stopped trying to win the benchmark war and started trying to define what the category "flagship AI model" means in a world where the most capable systems cannot be released as-is.

That is a more interesting story than another point on a SWE-bench chart.

Bottom Line

Claude Opus 4.7 is not the release the leak cycle primed the market for. It is quieter, narrower, and more disciplined than "Anthropic ships a Figma killer alongside a new flagship." Strip away the expectations and what landed on April 16 is a competent iterative update on coding, a useful tripling of vision resolution, a pragmatic new reasoning tier, and — most consequentially — the first public deployment of the safety architecture Anthropic built around a model it decided was too dangerous to release.

The benchmarks will come. Independent testing over the next two weeks will clarify how much real-world lift Opus 4.7 offers over 4.6 on workflows that matter. The tokenizer inflation and instruction-following changes will force a prompt audit for teams running production workloads, and the migration cost is non-trivial for large deployments.

But the most important thing about Opus 4.7 is not in the model. It is in the framework around it — the Cyber Verification Program, the capability ceiling, the classifier-based guardrails, the deliberate positioning as a safeguard testbed rather than a flagship capability leap. If that framework proves durable, Opus 4.7 will be remembered less for what it did than for what it prepared the ground for.

The model is live now across every major cloud. The consequences take longer.

Parash Panta

Content Creator

Creating insightful content about web development, hosting, and digital innovation at Dplooy.