The Claude Code source leak of March 31, 2026 exposed Anthropic’s internal model codenames — version references Opus 4.7 and Sonnet 4.8 plus animal names Fennec (Opus 4.6), Capybara (the Mythos-class tier above Opus), and Numbat (in testing). Here is what has actually shipped since: Claude Opus 4.8 went GA on 28 May 2026, and the Capybara/Mythos line launched as Claude Fable 5 and Mythos 5 on 9 June 2026 (Mythos 5 access was then restricted). Notably, no “Sonnet 4.8” has shipped — the current Sonnet is 4.6. This article decodes the leaked codename system and tracks each prediction against what Anthropic actually released.
Months on, the codenames can be scored against reality. Opus 4.8 shipped GA on 28 May 2026 — read our Claude Opus 4.8 breakdown. The Capybara / Mythos-class prediction landed: Anthropic launched Claude Fable 5 and Mythos 5 on 9 June 2026 (see what Claude Mythos is). The miss: there is no “Sonnet 4.8” — Anthropic’s current Sonnet is 4.6, and the version jumped straight to the Mythos-class tier. The earlier Opus 4.7 also shipped before being superseded by 4.8.
When the Claude Code source code leaked on March 31, 2026, the community immediately found what Anthropic tried hardest to hide. Not just unreleased features — but explicit references to future model versions and a complete internal codename system that maps Anthropic’s past, present, and planned AI lineup.
The irony is almost poetic: the leaked codebase contains an „Undercover Mode” that explicitly instructs Claude to never reveal internal model codenames in public git commits. The forbidden list includes „animal names like Capybara, Tengu” and „unreleased model version numbers (e.g., opus-4-7, sonnet-4-8).” Those exact strings — intended to be hidden — are now the most searched terms from the leak.
This article decodes the full codename system, maps what each animal name corresponds to, and analyzes the internal quality metrics that Anthropic never intended to publish.
What model codenames did the leak reveal?
Anthropic uses an animal-based codename system for internal model development. The leaked source code, analyzed by independent researchers and documented on GitHub, confirms the following mappings:
| Codename | Maps to | Status (March 2026) | Key detail |
|---|---|---|---|
| Tengu | Claude Code (project) | ✅ Live | Appears hundreds of times as prefix for feature flags and analytics events. The project codename for Claude Code itself. |
| Fennec | Opus 4.6 (originally), then also Sonnet 4.6 | ✅ Released | Migration function migrateFennecToOpus confirms Fennec was an Opus codename. Sonnet 4.6 launched Feb 17, 2026 under this codename. |
| Capybara | Claude 4.6 variant / Mythos tier | 🧪 In testing | Currently on v8 iteration. Internal benchmarks show 29–30% false claims rate. First model in the new tier above Opus. |
| Numbat | Unknown model | 🔬 Pre-launch | Referenced as still undergoing testing. No public details beyond the name. |
The naming convention is consistent: small-to-medium mammals and mythological creatures. Fennec (the fox), Capybara, Numbat — each one a development codename that gets replaced by the marketing name before public release. What makes this leak unique is that we can now trace the evolution path of models through the migration functions embedded in the code.
What do the migration functions tell us about Anthropic’s release history?
The leaked codebase contains model migration functions — code that handles transitioning users from one model version to the next. These functions act as a fossil record of Anthropic’s internal release timeline:
// Model migration history — extracted from Claude Code v2.1.88
migrateFennecToOpus // Fennec → Opus (codename to product name)
migrateSonnet1mToSonnet45 // Sonnet 1M context → rebranded as Sonnet 4.5
migrateSonnet45ToSonnet46 // Sonnet 4.5 → Sonnet 4.6
resetProToOpusDefault // Pro users reset to Opus as default modelReading these in sequence tells a clear story. Fennec started as an internal Opus development build. The 1-million-token context window Sonnet was initially a separate variant that got folded into the Sonnet 4.5 release. When Sonnet 4.6 shipped on February 17, 2026, another migration function handled the transition for existing users. And at some point, Pro tier subscribers had their default switched to Opus — likely during the Opus 4.6 launch alongside Agent Teams in early February.
The most revealing detail? The Undercover Mode instructions list opus-4-7 and sonnet-4-8 as examples of „unreleased model version numbers” that must never appear in public commits. This isn’t hypothetical — it confirms these version numbers exist internally at Anthropic, even if the models behind them aren’t finished yet.
Anthropic has avoided integer version jumps since Claude 4. The progression from 4.5 → 4.6 → (likely) 4.7 and 4.8 suggests incremental improvements within the Claude 4 architecture rather than a complete generational leap. The true „next generation” appears to be Mythos/Capybara — a new tier above Opus entirely, not just Opus 5.
What is Capybara and how does it connect to Claude Mythos?
This is where two separate leaks converge. Five days before the Claude Code source leak, on March 26, 2026, a different incident exposed Anthropic’s internal content management system. A misconfigured data store left nearly 3,000 unpublished assets publicly accessible — draft blog posts, PDFs, images, and internal memos describing an unreleased model called Claude Mythos.
Anthropic confirmed that leak was real. A spokesperson acknowledged the company had completed training on Mythos, describing it as a „step change” and „the most capable we’ve built to date.” The leaked blog drafts positioned Mythos not as Opus 5, but as the first model in a new tier above Opus.
The Claude Code source leak now confirms the internal codename: Capybara = Mythos. The code references „Capybara” as a Claude 4.6 variant, but the Mythos leak documents describe it as sitting above the existing Opus tier. The most likely interpretation is that Capybara started as an experimental 4.6 variant and evolved into something significantly more capable during development — powerful enough to warrant its own tier.
This matches the leaked cybersecurity assessment that moved markets. Mythos was described internally as being „currently far ahead of any other AI model in cyber capabilities,” a statement that triggered 4–7% drops in cybersecurity stocks including CrowdStrike, Palo Alto Networks, and Zscaler on March 27–28.
What do the internal quality metrics reveal?
The most technically significant finding from the source leak isn’t a codename — it’s internal benchmark data that Anthropic would never willingly publish.
Comments attached to Capybara’s development code reveal that its eighth iteration (v8) carries a false claims rate of 29–30%. This is not a typo. It’s actually a regression from v4, which had a false claims rate of 16.7%. The model got almost twice as unreliable between versions.
This data point is extraordinary for several reasons:
It shows that more capable ≠ more reliable. The AI industry’s public narrative focuses on benchmark scores going up — SWE-bench, AIME, ARC-AGI. Anthropic’s internal data shows that as Capybara gained capabilities, its tendency to make false claims nearly doubled. This is the classic capability-reliability tradeoff that researchers have warned about but companies rarely quantify publicly.
It reveals the „assertiveness counterweight.” Alongside the false claims metric, the code references a mechanism designed to prevent the model from becoming „too aggressive in its refactors.” This suggests that as Capybara became more powerful in code generation, it also became more confident in making changes — including wrong ones. Anthropic built a dedicated counterweight to throttle this tendency, which implies the unweighted model was aggressively rewriting code in ways that introduced errors.
It sets a benchmark for the entire industry. Before this leak, nobody outside Anthropic (or its competitors) knew what internal false claims rates look like for frontier large language models. A 29% false claims rate in a model described as a „step change” suggests that even the most advanced systems hallucinate at rates that would be unacceptable in high-stakes applications without human oversight.
What does the „assertiveness counterweight” mean in practice?
One of the subtler findings from the leak is a mechanism called the assertiveness counterweight. This is a guardrail specifically designed to prevent Capybara from being too aggressive when modifying user code.
The problem it solves is straightforward: as deep learning models become more capable at code generation, they also become more confident in making changes — including changes that are wrong. A model that hesitates before rewriting a function is annoying but safe. A model that confidently rewrites an entire module and introduces subtle bugs is dangerous.
The assertiveness counterweight suggests Anthropic discovered this failure mode during internal testing of Capybara and had to engineer a dedicated mechanism to throttle it. This isn’t a prompt-level instruction like „be careful with code changes” — it’s a system-level architectural constraint built into the model’s operating logic.
For developers building with AI agents, this is a critical design pattern to understand. More capable models need more sophisticated restraint mechanisms. The pattern holds whether you’re building a coding agent, a trading bot, or any autonomous system: capability without calibrated confidence is a liability.
What does the „over-commenting” problem reveal?
A less dramatic but equally telling detail from the leak: developers noted that Capybara has an over-commenting tendency. The model adds excessive code comments — explaining obvious operations, annotating every function, padding code with verbose documentation that no experienced developer would write.
This matters because over-commenting is a classic signal of AI-generated code. In a world where Anthropic’s Undercover Mode explicitly instructs Claude to hide its AI identity in open-source contributions, a model that compulsively comments every line of code is undermining its own stealth. It’s the AI equivalent of a spy who can’t stop explaining what they’re doing.
More importantly, over-commenting increases the token count of every response, raising costs for API users. For high-volume users of machine learning pipelines that use Claude as a coding agent, even a 20% increase in output tokens translates directly to 20% higher bills. This isn’t a style preference — it’s a cost problem at scale.
How does Anthropic’s model versioning compare to competitors?
The leak provides an unusually clear picture of how Anthropic stages model releases internally. Comparing this to what we know about OpenAI and Google:
| Aspect | Anthropic (from leak) | OpenAI (public) | Google (public) |
|---|---|---|---|
| Codename system | Animal names (Fennec, Capybara, Numbat) | Alphanumeric (e.g. „gpt-5.3-codex”) | Animal names (Snow Bunny for Gemini 3.5) |
| Version increments | Sub-integer (4.5 → 4.6 → 4.7) | Mixed (GPT-4 → GPT-5 → GPT-5.1 → 5.2 → 5.3) | Integer + variant (Gemini 3 → 3.1 → 3.5) |
| Tier structure | Haiku / Sonnet / Opus / Mythos (new) | Mini / Standard / Reasoning (o-series) | Flash / Pro / Ultra |
| Internal metrics leaked | False claims rate (16.7% → 29%) | Not leaked | Not leaked |
| Release cadence | ~2 weeks between major updates (2026) | ~4–6 weeks between versions | ~6–8 weeks between versions |
The most significant structural difference is the new Mythos tier. Both OpenAI and Google have maintained three-tier hierarchies (cheap/balanced/powerful). Anthropic introduced a fourth tier — a „beyond Opus” class that sits above their previous best, which shipped as Fable 5 and Mythos 5 on 9 June 2026. It represents a genuine architectural leap rather than an incremental version bump.
What should developers and AI practitioners expect next?
The combination of the Mythos CMS leak (March 26) and the Claude Code source leak (March 31) provides an unusually complete picture of Anthropic’s roadmap. Three conclusions stand out:
The Opus strings were real; the “Sonnet 4.8” string was not (update). Opus 4.7 shipped and was quickly superseded by Opus 4.8 (GA 28 May 2026). But despite appearing in the same forbidden-strings list, no Sonnet 4.8 ever launched — Anthropic’s Sonnet line still sits at 4.6, and the next leap went to the Mythos-class tier instead. The lesson: a version string in operational code signals intent, not a guaranteed release.
Capybara/Mythos was the real next-generation leap — and it landed (update). On 9 June 2026 Anthropic launched the Mythos-class tier as Claude Fable 5 (generally available) and Mythos 5 (restricted, then suspended). Exactly as the codenames implied, this was not “Opus 5” but a qualitatively new tier sitting above Opus. The leak’s framing of Capybara as a generational jump rather than an increment proved correct.
The false claims regression is the most honest AI metric ever accidentally published. Anthropic’s internal acknowledgment that their most capable model hallucinates at nearly 30% — and that this is worse than a less capable version — is the kind of data the industry needs more of. It confirms what practitioners building with RAG systems and context engineering already suspect: scaling capabilities does not automatically scale reliability, and external verification layers remain essential.
This analysis is built on code comments, feature flags, and migration functions from the leak — not official Anthropic announcements. Several predictions have since been confirmed by real releases (Opus 4.8 on 28 May 2026; Fable 5 and Mythos 5 on 9 June 2026), while others never shipped (a “Sonnet 4.8” — the current Sonnet is 4.6). The internal false-claims metrics may have been measured under conditions that don’t reflect general use. Treat any still-unreleased codename details as directional, not definitive.
Related Guides
Building with these Claude models? Start here:
- Build AI Agents with Claude — the Agent SDK and Skills for shipping production agents on Opus and Sonnet.
- Best AI Coding Assistants 2026 — where Claude ranks against Cursor, Copilot and the rest.
- Best AI Agent Frameworks 2026 — the frameworks to orchestrate Claude-powered agents.
FAQ
Are Claude Opus 4.7 and Sonnet 4.8 confirmed models?
Partly — and the outcome is now known. Opus did ship: Opus 4.7 launched and was then superseded by Opus 4.8 (GA 28 May 2026). But Sonnet 4.8 never shipped — despite appearing in the leaked forbidden-strings list, Anthropic’s Sonnet line is still at 4.6. The strings confirmed internal intent, but a version number in leaked code did not guarantee a public release under that name.
What is the Capybara model — is it Claude 5?
Capybara was the internal codename for the Mythos-class tier — a class above Opus, not simply „Opus 5.” It shipped on 9 June 2026 as Claude Fable 5 (generally available) and Claude Mythos 5 (restricted, later suspended). So the codename mapped to a real, qualitatively new performance class — exactly as the leak implied.
What does a 29% false claims rate mean?
In internal benchmarks, Capybara v8 generates false or inaccurate claims in approximately 29–30% of relevant test cases. This is nearly double the 16.7% rate in v4. The specific benchmark methodology hasn’t been disclosed, but the regression suggests that increasing the model’s capabilities also increased its tendency to confidently assert incorrect information.
What is the „assertiveness counterweight”?
It’s a mechanism built into Capybara to prevent the model from being too aggressive when rewriting user code. As the model became more capable, it also became more confident in making changes — including wrong ones. The counterweight throttles this tendency, ensuring the model is less likely to make sweeping, potentially destructive code refactors without user approval.
What is Numbat?
Numbat is an internal codename for an unreleased model that is still in pre-launch testing, according to the leaked source code. No additional details — tier, capabilities, or timeline — have been disclosed. It follows the animal naming convention used for other Claude models (Fennec, Capybara).
When will Opus 4.7 and Sonnet 4.8 be released?
This is now answered. Opus shipped — Opus 4.8 reached GA on 28 May 2026. And Anthropic did skip straight to the Capybara/Mythos tier (Claude Fable 5 and Mythos 5, 9 June 2026) rather than releasing a “Sonnet 4.8,” which never materialized — the current Sonnet remains 4.6. The 4.7/4.8 Sonnet strings appear to have been internal-only iterations that were never shipped publicly.
Sources & Further Reading
- Kuberwastaken. (2026, March 31). Claude Code’s Source Code & Breakdown from a leaked map file in their NPM registry. GitHub. https://github.com/Kuberwastaken/claude-code
- Wiggers, K. (2026, March 31). Claude Code’s source code appears to have leaked: here’s what we know. VentureBeat. https://venturebeat.com
- NerdLevelTech. (2026, March 27). Anthropic Claude Mythos leak 2026: What we know. https://nerdleveltech.com
- WaveSpeedAI. (2026, March 29). Claude Mythos (Opus 5) leaked: What we know so far. https://wavespeed.ai
- thehuman2ai. (2026, March 31). Claude Code source has been available for 13 months, and nothing happened — why? https://thehuman2ai.com
- Naprys, E. (2026, March 31). Full source code for Anthropic’s Claude Code leaks. Cybernews. https://cybernews.com
- Anthropic. (2026). Models overview — Claude API Docs. https://platform.claude.com
- NxCode. (2026, February 17). Claude Sonnet 5 ‘Fennec’ leak: What actually launched as Claude Sonnet 4.6. https://www.nxcode.io
[…] the hood, Claude Design runs on Claude Opus 4.7 — Anthropic’s flagship reasoning model, which processes images at three times the […]
Model roadmaps are useful, but creative workflows still need identity control. For generated character assets, I check whether the same face and style remain consistent before using outputs across scenes.