Claude Code Source Leak - Anthropic Confirms Human Error
Basically, Anthropic accidentally released Claude Code's internal code due to a mistake.
Anthropic confirmed a significant leak of Claude Code's source code due to a packaging error. While no sensitive data was exposed, the leak poses serious security risks for users and developers. Immediate action is recommended to mitigate potential threats.
What Happened
On April 1, 2026, Anthropic announced that internal code for its AI coding assistant, Claude Code, was leaked due to a human error during the release of version 2.1.88 of the npm package. Users discovered that a source map file inadvertently included access to nearly 2,000 TypeScript files and more than 512,000 lines of code. Anthropic stated that no sensitive customer data was involved in the leak, emphasizing it was merely a packaging issue rather than a security breach.
The leak was first flagged by security researcher Chaofan Shou on social media, drawing significant attention with over 28.8 million views on the post. The leaked codebase is now publicly accessible via a GitHub repository, raising concerns about the implications for both developers and competitors.
Who's Affected
The leak affects not only Anthropic and its operations but also its users and the broader AI development community. Developers can now analyze the internal workings of Claude Code, which could lead to the exploitation of vulnerabilities or the creation of competing products. Additionally, users who updated or installed Claude Code during the leak window may have inadvertently downloaded a trojanized version of the HTTP client, raising security concerns.
The incident also highlights the potential for malicious actors to exploit the leaked code for nefarious purposes, including bypassing security measures and executing unintended commands. The implications are significant for software security, particularly in the context of AI tools that are increasingly integrated into development workflows.
What Data Was Exposed
The leaked source code includes critical components of Claude Code's architecture, such as its self-healing memory and multi-agent orchestration features. These insights could provide competitors with a blueprint for replicating or improving upon Claude Code's functionalities.
Moreover, the leak revealed features like KAIROS, which allows Claude Code to operate autonomously, and the Undercover Mode, designed for stealth contributions to open-source projects. Such revelations not only expose the technical capabilities of Claude Code but also its potential vulnerabilities, which could be exploited by attackers.
What You Should Do
Users who installed or updated Claude Code during the specified timeframe are advised to immediately downgrade to a safe version and rotate all secrets. This precaution is essential to mitigate the risk of unauthorized access or data exfiltration.
Additionally, developers should be vigilant about typosquatting attacks, as malicious packages have already been published in the npm registry to exploit the situation. Users should ensure they are downloading packages from trusted sources and remain cautious of any unusual activity related to their development environments. Anthropic is reportedly implementing measures to prevent similar incidents in the future, but users must remain proactive in securing their systems.