Anthropic Leaks Claude Code — What Happened?
What Happened?
On March 31, 2026, Anthropic accidentally exposed the full internal source code of Claude Code — its AI-powered coding assistant — through a massive 59.8 MB JavaScript source map (.map) file that was bundled inside the public npm package @anthropic-ai/claude-code version 2.1.88.
The source map file pointed to a zip archive hosted on Anthropic’s own Cloudflare R2 cloud storage, containing nearly 2,000 files and 500,000 lines of code — the entire internal codebase of Claude Code.
How Was It Discovered?
The leak was discovered by Chaofan Shou (@Fried_rice), an intern at Solayer Labs, who posted about it on X (formerly Twitter) with a direct download link. Within hours, the codebase was:
- Downloaded directly from Anthropic’s Cloudflare R2 bucket
- Mirrored to GitHub repositories
- Forked tens of thousands of times by the developer community
Root Cause: A Bun Bug
The leak was caused by a known bug in Bun (issue #28001, filed March 11, 2026) where source maps are incorrectly served in production builds even when disabled in configuration. The bug had been open for 20 days before the incident. A debugging file was accidentally bundled into a routine Claude Code update and pushed to the public npm registry.
What Was Inside the Leaked Code?
The exposed source code revealed several undisclosed features that appear fully built but not yet publicly released:
- Session memory: Claude reviewing its own previous sessions to improve future performance and transfer learnings across conversations
- Persistent background mode: Claude Code continuing to work autonomously even when the user is idle
- Remote control: Ability to control Claude Code from a phone or another browser
- Frustration tracking: Telemetry that monitors and logs user frustration signals
Anthropic’s Official Response
“Earlier today, a Claude Code release included some internal source code. No sensitive customer data or credentials were involved or exposed. This was a release packaging issue caused by human error, not a security breach. We’re rolling out measures to prevent this from happening again.”
— Anthropic Spokesperson (via Axios)
Security Implications
While Anthropic confirmed no customer data or credentials were exposed, security researchers have noted that revealing internal architecture, feature flags, and implementation details gives competitors and potential attackers a detailed playbook of Claude Code’s internals. Analysts at IANS Research described it as exposing “safety gaps” that could be exploited by rivals.
Sources: Axios, Fortune, CNBC, VentureBeat
Leave a Reply