Anthropic's Opus 4.6 Shows Promise but Limitations in Vulnerability Detection

Summary

A comprehensive evaluation of Anthropic's Opus 4.6 model reveals its capabilities and limitations in detecting software vulnerabilities in C code. When tested against 435 known vulnerable C functions from real-world CVEs, Opus 4.6 correctly identified between 25.1% and 28.5% of vulnerabilities depending on prompting approach and tool configuration—a notable improvement over previous Anthropic models and competitive with human review. However, the model suffers from significant challenges including extremely high false positive rates (up to 60% of functions flagged), substantial inconsistency across multiple runs using the same methodology, and the tendency to miss the majority of actual flaws. The research demonstrates that while Opus 4.6's vulnerability detection capabilities are impressive for a general-purpose AI system, the model requires careful engineering and integration into larger systems to be practical for enterprise-scale security applications.

• Testing used the high-quality PrimeVul dataset of real vulnerabilities paired with patched versions, providing a rigorous benchmark for LLM security capabilities

Editorial Opinion

Opus 4.6's vulnerability detection capabilities represent genuine progress in AI-assisted security, particularly given that the tested flaws escaped human review in production systems. However, the research wisely avoids overselling these results, instead providing the detailed engineering insights necessary for responsible AI deployment in critical domains. This work exemplifies the kind of honest, thorough evaluation that the AI safety and security communities need—moving beyond marketing claims toward systematic understanding of where models excel and where they fall short.