Anthropic Code Leak

Anthropic accidentally leaked hundreds of thousands of lines of source code for its Claude Code AI assistant via an npm packaging error, exposing internal architecture and sparking supply-chain and security concerns. The exposure has intensified third‑party scrutiny and forced rapid internal damage control as copies persist online. (fortune.com)

Security researcher Chaofan Shou flagged the exposure on March 31, 2026 after downloading Claude Code v2.1.88 and finding a cli.js.map source map (≈59.8 MB) published to npm. (theregister.com) The source map reconstructed roughly 512,000 lines of unobfuscated TypeScript across about 1,900 files, allowing full recovery of the CLI codebase rather than just snippets. (layer5.io) Analysts and community readers found unreleased subsystem names and feature flags including a persistent daemon codenamed “Kairos” with a PROACTIVE mode, plus items labeled “Dream” and a “Buddy”/pet system in the code comments and flag lists. (arstechnica.com) Anthropic described the incident as a release‑packaging human error and said no customer data or credentials were included in the published artifact. (bloomberg.com) The company issued mass copyright takedowns as mirrors proliferated, but community mirrors and clean‑room rewrites drew tens of thousands of stars and forks within hours, making removal difficult. (pcmag.com) Security writeups noted the leak exposed tooling and agent logic (CLI and orchestration code) rather than model weights, and several outlets reported this is the second similar packaging lapse involving Claude Code in roughly a year. (datastudios.org)
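A pre-publish check for the failure described above, as an added example that is not Anthropic's code or part of the original briefing: it audits the list of files about to be packaged and flags source maps that would ship original sources. It assumes the standard source map v3 layout, in which a `sourcesContent` array carries copies of the original files; the function names and sample files are constructed for illustration.

```javascript
// Added example: pre-publish audit for source maps in a package's file list.
// SAMPLE_FILES is constructed; in a real gate the entries would come from the
// unpacked tarball that is about to be published.
const SAMPLE_FILES = [
  { path: "cli.js", text: "run();\n//# sourceMappingURL=cli.js.map\n" },
  { path: "cli.js.map", text: JSON.stringify({
      version: 3, sources: ["src/main.ts", "src/flags.ts"],
      sourcesContent: ["export function run(): void {}", null], mappings: "" }) },
  { path: "vendor/inline.mjs",
    text: "x();\n//# sourceMappingURL=data:application/json;base64,e30=\n" },
  { path: "README.md", text: "# demo\n" },
];

// Return one finding per file that would ship original source or a map to it.
function auditPackageFiles(files) {
  const findings = [];
  for (const { path, text } of files) {
    if (path.endsWith(".map")) {
      let map;
      try {
        map = JSON.parse(text);
      } catch {
        findings.push({ path, issue: "unparseable .map file", embedded: 0 });
        continue;
      }
      const contents = Array.isArray(map.sourcesContent) ? map.sourcesContent : [];
      // Non-empty strings in sourcesContent are full copies of original files.
      const embedded = contents.filter((c) => typeof c === "string" && c.length > 0).length;
      findings.push({
        path,
        issue: embedded > 0 ? "source map embeds original sources" : "source map present",
        embedded,
      });
    } else if (/\.[cm]?js$/.test(path) &&
               /\/\/# sourceMappingURL=data:application\/json/.test(text)) {
      // A bundle can also carry the entire map inline as a data: URL.
      findings.push({ path, issue: "inline source map in bundle", embedded: 0 });
    }
  }
  return findings;
}

// A release gate would fail the build when this returns true.
function shouldBlockPublish(files) {
  return auditPackageFiles(files).length > 0;
}
```

An external `sourceMappingURL` comment alone is not flagged, because the risk sits in the `.map` file it points to, which is reported separately when it is in the file list.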
