Anthropic AI coding tool leaks its own source code again
What's the story
Anthropic, the American artificial intelligence (AI) company behind the Claude family of AI models, has accidentally leaked the complete source code of its AI coding tool, Claude Code. The leak was discovered by security researcher Chaofan Shou on March 31. The issue stems from a basic packaging oversight in the npm package of Claude Code.
Leak details
Leak occurred during routine packaging process
The source code was exposed through a 60MB source-map file (cli.js.map) in the npm package of Claude Code. This file allowed anyone to reconstruct the entire underlying TypeScript codebase from the published build, reported DEV Community. The npm registry is a public software library where developers can upload and download programming tools.
Code importance
What is source code and source map?
Source code is a human-readable set of instructions that programmers write to build software. When companies release software, they usually compile or bundle that code into a compressed format to protect their intellectual property and internal systems. A source map is a supplementary file used during development, bridging the gap between the compressed version of a program and its original source code.
Development tool
Source map handed complete original recipe
The source map is an essential tool for developers when testing and fixing bugs. However, it has no place in a finished product released to the public, as it effectively hands anyone the complete original recipe. The latest version of Claude Code, v2.1.88, released on March 31, still contained this file, which held the complete code of 1,906 proprietary Claude Code source files covering internal API design, telemetry analysis systems, encryption tools, and inter-process communication protocols.
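A release pipeline can catch this kind of oversight before publishing. The following Node.js check is an added example, not code from the article or from Anthropic: it audits the set of files about to be packed and reports shipped source maps, how many original files each one embeds, and bundles that still reference a map. The function names, finding labels and sample package are assumptions made for illustration.

```javascript
// Pre-publish audit: flag source maps among the files headed into an npm tarball.
// Input: { relativePath: fileText }. All names here are hypothetical (added example).
const MAP_COMMENT = /\/[\/*][#@]\s*sourceMappingURL=(\S+)/g;

function inspectMap(path, text) {
  let map;
  try { map = JSON.parse(text); } catch { map = null; }
  if (!map || typeof map !== "object") return [{ path, issue: "unparseable-map" }];
  // Index maps nest ordinary maps under sections[].map
  const maps = Array.isArray(map.sections) ? map.sections.map(s => s.map).filter(Boolean) : [map];
  return maps.map(m => {
    const sources = Array.isArray(m.sources) ? m.sources : [];
    const contents = Array.isArray(m.sourcesContent) ? m.sourcesContent : [];
    // Each non-empty sourcesContent entry is one original file recoverable verbatim.
    const embedded = contents.filter(c => typeof c === "string" && c.length > 0).length;
    // Sources given as URLs point at originals fetchable from elsewhere.
    const remote = sources.filter(s => /^https?:\/\//i.test(String(s))).length;
    return { path, issue: "map-shipped", sources: sources.length, embedded, remote };
  });
}

function auditPackage(files) {
  const findings = [];
  for (const [path, text] of Object.entries(files)) {
    if (path.endsWith(".map")) { findings.push(...inspectMap(path, text)); continue; }
    if (!/\.[cm]?js$/.test(path)) continue;
    for (const [, url] of text.matchAll(MAP_COMMENT)) {
      const inline = /^data:application\/json[^,]*;base64,(.+)$/.exec(url);
      if (!inline) { findings.push({ path, issue: "map-reference", target: url }); continue; }
      // Map embedded in the bundle itself as a data: URI
      const decoded = Buffer.from(inline[1], "base64").toString("utf8");
      findings.push(...inspectMap(path + " (inline map)", decoded));
    }
  }
  return findings;
}

// Constructed sample package contents (not taken from any real package).
const samplePackage = {
  "package.json": '{"name":"demo-cli","version":"0.0.0"}',
  "cli.js": "console.log(1);\n//# sourceMappingURL=cli.js.map\n",
  "cli.js.map": JSON.stringify({
    version: 3, file: "cli.js", names: [], mappings: "AAAA",
    sources: ["../src/main.ts", "https://storage.example.invalid/src/util.ts"],
    sourcesContent: ["export const main = () => 1;\n", null],
  }),
};
const sampleFindings = auditPackage(samplePackage);
console.log(sampleFindings);
```

In a pipeline, the file contents would be read from the staged package directory, and any non-empty result would fail the publish step.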
Past leak
Early version of Claude Code was exposed in similar manner
In February 2025, an early version of Claude Code was exposed for the same reason. Back then, Anthropic had removed the old version from npm and deleted the source map. However, this problem has now resurfaced with the latest release. The published source map referenced unobfuscated TypeScript sources hosted in Anthropic's cloud storage, making them publicly downloadable.
Repository impact
Leaked codebase archived to public GitHub repository
The leaked codebase was quickly archived to a public GitHub repository, where it received over 1,100 stars and 1,900 forks within hours of discovery. This leak doesn't involve model weights or user data. However, the continued exposure of the complete source code means that internal architecture, security mechanisms, and telemetry logic are available to the public.