- 918
- 246
Anthropic developers accidentally leaked the entire source code of their CLI tool, Claude Code. The leak was caused by a forgotten source map file in an npm package.
On March 31, 2026, Anthropic released Claude Code version 2.1.88 via npm. However, the package mistakenly included a 60 MB file, cli.js.map, a source map containing the application's complete source code.
A source map is a debug file that links compiled JavaScript to the original code. If it contains the sourcesContent field, all source files can be reconstructed from it.
Security researcher Chaofan Shou was the first to point out the issue, posting a link to an archive containing the files on the social network X. The source code was soon published on GitHub, and the repository has now been forked tens of thousands of times.
The reconstructed codebase contains approximately 1,900 TypeScript files and over 512,000 lines of code. While Claude Code has always been a proprietary, closed-source product, its internals are now publicly available.
Anthropic confirmed the incident and emphasized that no customer information or credentials were compromised. The company attributed the incident to a human-caused package build error, not a security issue. Simultaneously, Anthropic representatives began sending out DMCA notices demanding the removal of the distributed code.
Meanwhile, enthusiasts are already actively studying the leaked source code. For example, user himanshustwts published a detailed analysis of Claude Code's memory architecture in X, describing the background memory overwrite mechanisms and verification system.
Researcher Gabriel Anhaia estimated the scale of the project: approximately 40,000 lines of code are responsible for the plugin tooling system, and another 46,000 for the query system. Anaya notes that Claude Code is a fully-fledged production-grade product, not just an API wrapper.
Furthermore, references to several unimplemented (or non-public) features were found in the source code . These include Proactive mode, in which Claude can continuously write code 24/7, and Dream mode, which allows AI to generate ideas and work on tasks in the background while the user is away.
Previously, there have been attempts to reverse engineer Claude Code in the developer community, but such full access to the source code was not available. The leak gives competitors a detailed understanding of the tool's architecture, helps speed up the development of similar tools, and identifies potential security vulnerabilities.
On March 31, 2026, Anthropic released Claude Code version 2.1.88 via npm. However, the package mistakenly included a 60 MB file, cli.js.map, a source map containing the application's complete source code.
A source map is a debug file that links compiled JavaScript to the original code. If it contains the sourcesContent field, all source files can be reconstructed from it.
Security researcher Chaofan Shou was the first to point out the issue, posting a link to an archive containing the files on the social network X. The source code was soon published on GitHub, and the repository has now been forked tens of thousands of times.
The reconstructed codebase contains approximately 1,900 TypeScript files and over 512,000 lines of code. While Claude Code has always been a proprietary, closed-source product, its internals are now publicly available.
Anthropic confirmed the incident and emphasized that no customer information or credentials were compromised. The company attributed the incident to a human-caused package build error, not a security issue. Simultaneously, Anthropic representatives began sending out DMCA notices demanding the removal of the distributed code.
Meanwhile, enthusiasts are already actively studying the leaked source code. For example, user himanshustwts published a detailed analysis of Claude Code's memory architecture in X, describing the background memory overwrite mechanisms and verification system.
Researcher Gabriel Anhaia estimated the scale of the project: approximately 40,000 lines of code are responsible for the plugin tooling system, and another 46,000 for the query system. Anaya notes that Claude Code is a fully-fledged production-grade product, not just an API wrapper.
Furthermore, references to several unimplemented (or non-public) features were found in the source code . These include Proactive mode, in which Claude can continuously write code 24/7, and Dream mode, which allows AI to generate ideas and work on tasks in the background while the user is away.
Previously, there have been attempts to reverse engineer Claude Code in the developer community, but such full access to the source code was not available. The leak gives competitors a detailed understanding of the tool's architecture, helps speed up the development of similar tools, and identifies potential security vulnerabilities.