Anthropic's Claude Code Source Code Leaked via Accidental npm Source Map Upload
Anthropic, a leading AI research company, has inadvertently leaked the complete source code for its Claude Code client. The breach was not the result of a hack but stemmed from an accidental upload of a 60MB cli.js.map source map file alongside version 2.1.88 of Claude Code to the npm registry. This critical file, which links minified or obfuscated production code back to its original uncompiled source, contained all comments, business logic, and internal details, making a full reconstruction of the codebase possible. The oversight was first brought to public attention by “Chao Fan Show” on Twitter, who highlighted the availability of the deprecated npm package.
Although Anthropic has deprecated version 2.1.88, npm’s policy prevents the deletion of published versions once they are in use, so the version remains accessible.

The leaked code offers a rare glimpse into Anthropic’s internal workings and future roadmap. It reveals modules like undercover.typescript, designed to prevent internal information, such as codenames for unreleased models like “Opus 4.7” and “Set 4.8”, from leaking during public or open-source operations. The source also exposes forthcoming features: “Kairos,” a persistent AI assistant capable of remembering sessions and organizing memories; “Ultraplan,” a system for complex task planning that utilizes Claude instances; and a “Coordinator Mode” for multi-agent functionalities. Some of these appear to be experimental but activatable. The code also contains undocumented slash commands and secret feature flags.

While some in the developer community downplay the significance of client-side code leaks compared to proprietary AI models, the depth of internal commentary, architectural insights, and future feature disclosures provides invaluable competitive intelligence and a detailed look into Anthropic’s development methodologies.
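The exposure described above comes down to a `.map` file shipping in the published file set, so a release pipeline can check for it before publishing. The following is an added example, not code from Anthropic or npm: the function name `auditSourceMaps`, the finding labels, and the sample package contents are all constructed for illustration.

```javascript
// Pre-publish audit (added example): flag source maps in a package file set.
// Input is a plain object { relativePath: fileContentString }.
function auditSourceMaps(files) {
  const findings = [];
  for (const [path, content] of Object.entries(files)) {
    if (path.endsWith(".map")) {
      let map;
      try {
        map = JSON.parse(content);
      } catch {
        findings.push({ path, issue: "unparseable-map" });
        continue;
      }
      // Source Map v3: "sources" names the original files; the optional
      // "sourcesContent" array embeds their full text, comments included.
      const embedded = (map.sourcesContent || []).filter((s) => typeof s === "string");
      findings.push({
        path,
        issue: embedded.length ? "map-embeds-original-source" : "map-present",
        sources: (map.sources || []).length,
        embeddedChars: embedded.reduce((n, s) => n + s.length, 0),
      });
    } else if (/\.(c|m)?js$/.test(path)) {
      // A sourceMappingURL comment points tooling at an external or inline map.
      const m = content.match(/\/\/[#@]\s*sourceMappingURL=(\S+)/);
      if (m) {
        const inline = m[1].startsWith("data:");
        findings.push({ path, issue: inline ? "inline-map" : "references-map",
                        target: inline ? "data: URI" : m[1] });
      }
    }
  }
  return findings;
}

// Constructed sample package contents (hypothetical, not the real package).
const samplePackage = {
  "package.json": '{"name":"example-cli","version":"0.0.0"}',
  "cli.js": "const a=1;console.log(a);\n//# sourceMappingURL=cli.js.map\n",
  "cli.js.map": JSON.stringify({
    version: 3,
    file: "cli.js",
    sources: ["src/main.ts"],
    sourcesContent: ["// internal note\nconst answer = 1;\nconsole.log(answer);\n"],
    mappings: "AAAA",
  }),
};

console.log(auditSourceMaps(samplePackage));
```

In a real pipeline the file set would come from what `npm pack --dry-run` reports, and any finding would fail the release. The `files` field in package.json or an `.npmignore` entry is what keeps `.map` files out of the published tarball.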