User talk:Apcodesphere
From Wikipedia, the free encyclopedia
On March 31, 2026, the complete source code of Claude Code, an AI-powered software development tool developed by Anthropic, was inadvertently exposed through the npm package registry.[1] The leak occurred when Anthropic published version 2.1.88 of Claude Code to npm with a source map file (`.map`) still attached, allowing anyone to download and recover the original TypeScript source code.[2]
| Date | March 31, 2026 |
|---|---|
| Location | npm registry |
| Cause | Source map file inadvertently included in package release |
| Outcome | ~512,000 lines of TypeScript source code exposed; over 8,100 GitHub repositories disabled via DMCA takedown |
Background
Claude Code is Anthropic's command-line AI coding assistant, designed to help developers with tasks such as code generation, debugging, and automation.[3] It is distributed as an npm package and had become one of Anthropic's fastest-growing products, with an estimated annual recurring revenue of $2.5 billion by February 2026.[3]
Incident
On March 31, 2026, security researcher Chaofan Shou discovered that the Claude Code npm package version 2.1.88 contained a source map file that pointed to a Cloudflare R2 storage bucket hosting a compressed archive of the complete source code.[4] The exposed code comprised approximately 1,900 TypeScript files and more than 512,000 lines of code.[1]
Anthropic confirmed the incident, attributing it to human error in the release packaging process. A company spokesperson stated that no customer data or credentials were exposed and that measures were being implemented to prevent recurrence.[5]
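A release gate for the packaging error described above, as an added example that is not part of the original page or of Anthropic's tooling: it scans a package's file set for shipped `.map` files, embedded `sourcesContent`, remote references inside a map, and `sourceMappingURL` comments in bundles. The function names, issue labels and sample package are assumptions constructed for illustration.

```javascript
// Added example: pre-publish audit for source map leakage in a package file set.
// `files` maps package-relative path -> file contents (strings).
const MAP_COMMENT = /\/[/*][#@]\s*sourceMappingURL=(\S+)/g;
const isRemote = (s) => typeof s === 'string' && /^https?:\/\//i.test(s);

function auditMapFile(path, content) {
  const findings = [{ path, issue: 'source-map-file' }];
  let map;
  try {
    map = JSON.parse(content);
  } catch {
    return findings; // unparseable, but a shipped .map still blocks the release
  }
  if (map === null || typeof map !== 'object') return findings;
  const embedded = Array.isArray(map.sourcesContent) &&
    map.sourcesContent.some((s) => typeof s === 'string' && s.length > 0);
  if (embedded) findings.push({ path, issue: 'embedded-original-source' });
  // Assumption: an external location would appear in sourceRoot or sources.
  const refs = [map.sourceRoot, ...(Array.isArray(map.sources) ? map.sources : [])];
  if (refs.some(isRemote)) findings.push({ path, issue: 'remote-source-reference' });
  return findings;
}

function auditPackageFiles(files) {
  const findings = [];
  for (const [path, content] of Object.entries(files)) {
    if (path.endsWith('.map')) {
      findings.push(...auditMapFile(path, content));
    } else if (/\.[cm]?js$/.test(path)) {
      for (const [, target] of content.matchAll(MAP_COMMENT)) {
        const issue = target.startsWith('data:') ? 'inline-source-map'
          : isRemote(target) ? 'remote-source-map-reference'
          : 'source-map-reference';
        findings.push({ path, issue });
      }
    }
  }
  return findings;
}

// Constructed sample package (not taken from any real release).
const constructedPackage = {
  'package.json': '{"name":"example-cli","version":"0.0.0"}',
  'cli.js': 'console.log("hi");\n//# sourceMappingURL=cli.js.map\n',
  'cli.js.map': JSON.stringify({
    version: 3, file: 'cli.js', mappings: 'AAAA',
    sources: ['https://storage.example.invalid/src.zip', '../src/main.ts'],
    sourcesContent: [null, 'export const x: number = 1;\n'],
  }),
  'lib/util.js': 'module.exports = {};\n',
};
console.log(auditPackageFiles(constructedPackage));
```

In a pipeline, the file list can be taken from `npm pack --dry-run --json`, and a non-empty result used to fail the publish step.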
DMCA enforcement
Within hours of the leak, copies of the source code were mirrored to GitHub and other platforms. Anthropic filed Digital Millennium Copyright Act (DMCA) takedown requests, resulting in over 8,100 GitHub repositories being disabled.[4] However, copies persisted on decentralized platforms such as Gitlawb, where they could not be easily removed.[6]
Exposed features
Analysis of the leaked source code revealed several unreleased features and internal systems:
KAIROS
A persistent background agent mode codenamed KAIROS (from the Greek καιρός, meaning "the right or opportune moment") that allows Claude Code to operate as an always-on assistant, proactively performing tasks without user initiation.[1] The system includes an "autoDream" memory consolidation engine that processes and compresses user interactions during idle periods.[7]
ULTRAPLAN
A feature enabling remote planning sessions of up to 30 minutes using cloud-based computing resources, allowing Claude Code to perform complex architectural planning tasks without occupying the user's local terminal.[4]
BUDDY companion system
A Tamagotchi-style virtual pet that appears within the terminal interface. The companion is generated deterministically based on user ID, with 18 species across five rarity tiers (common to legendary), five statistical attributes (DEBUGGING, PATIENCE, CHAOS, WISDOM, SNARK), and a 1% chance of "shiny" variants.[7] The system was reportedly scheduled for announcement as an April 2026 Easter egg with a full release planned for May 2026.[8]
Undercover Mode
A feature that automatically strips Anthropic attribution from code contributions when employees work on public open-source repositories. The system prevents commit messages and pull requests from containing internal model codenames, references to Anthropic, or any indication that the contributions were AI-generated.[7][6]
Feature flags
The source code contained 44 compile-time feature flags for unreleased capabilities, including voice mode (VOICE_MODE), coordinator mode for multi-agent orchestration (COORDINATOR_MODE), and browser control functionality.[5][6]
Response
Community reaction
The leak triggered rapid community response, with developers creating alternative implementations. A Python-based recreation named "claw-code" achieved over 50,000 stars on GitHub within two hours of release, reportedly setting a record for the fastest accumulation of stars in the platform's history.[4]
Security concerns
Security researchers identified immediate risks following the leak. Within hours of the incident, typosquatting packages were published to npm using names similar to internal Anthropic dependencies, potentially targeting developers attempting to compile the leaked code. Researchers also noted that the exposed source code could enable more sophisticated jailbreak attacks by allowing attackers to analyze Claude Code's context management pipeline.[1]
Related incidents
The leak was the second major exposure of Anthropic internal information within one week. Days earlier, documentation for an unreleased AI model codenamed "Mythos" was inadvertently made publicly accessible via the company's content management system.[1] A similar source map exposure had previously occurred with Claude Code in February 2025.[5][2]
Hoax
Following the leak, an individual falsely claimed to be an Anthropic employee who had been terminated for causing the incident. The individual was subsequently identified as an entrepreneur who used the hoax to promote a commercial product.[6]

