Anthropic accidentally leaks Claude Code source in npm slip

Anthropic confirmed yesterday that ‘human error’ led to the leak of much of the source code of its star product Claude Code.

Anthropic has accidentally leaked the source code of its Claude Code agent after a misconfigured software package exposed it to the public. It follows a separate incident last week where Fortune said the company had accidentally leaked thousands of files.

The leak was spotted on Tuesday by security researcher Chaofan Shou, according to The Register, who found that the official npm package for Claude Code had shipped with a map file referencing an unobfuscated TypeScript source. Chaofan Shou proceeded to announce his find on X, sparking a flurry of activity.

That file pointed to a zip archive stored on Anthropic’s Cloudflare R2 storage bucket, which anyone could download and decompress. The archive reportedly contained some 1,900 TypeScript files totalling more than 512,000 lines of code, including full libraries of slash commands and built-in tools.

Within hours, a copy of the code was uploaded to GitHub, where it was ‘forked’ more than 41,500 times, according to The Register, effectively ensuring that the exposure could not easily be undone.

“Earlier today, a Claude Code release included some internal source code,” an Anthropic spokesperson told SiliconRepublic.com. “No sensitive customer data or credentials were involved or exposed. This was a release packaging issue caused by human error, not a security breach. We’re rolling out measures to prevent this from happening again.”

The incident comes just days after Fortune reported that Anthropic had accidentally made thousands of files publicly available, including a draft blogpost describing an upcoming model known internally as both “Mythos” and “Capybara” – one that the document said presents cybersecurity risks.

The Register cited software engineer Gabriel Anhaia, who published a detailed analysis of the exposed code, saying the incident should serve as a cautionary tale for development teams everywhere.

“Apparently, a source map file was included in the npm package. Source maps are meant for debugging – they map minified/bundled code back to the original source,” Anhaia wrote in his analysis of the Claude Code leak. “Including one in a production npm publish effectively ships your entire codebase in readable form.

“This is a reminder for every engineering team: check your build pipeline. Make sure .map files are excluded from your publish configuration. A single misconfigured .npmignore or files field in package.json can expose everything,”

As experts and commentators pored through the now available source code, there seemed to be consensus that they were impressed with what they saw.

“Notice no one said the code is slop,” said prominent US tech blogger Robert Scoble in a social media post. “In every painful moment there are always gifts. The gift is that we all know now that Anthropic’s code is pretty damn good.”

However it also clear that the leak is a gift to its powerful competitors who are vying to compete with one of Anthropic’s most successful products, and have been given an inside view of what’s behind it.

Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.