Claude Code leak exposes a Tamagotchi-style ‘pet’ and an always-on agent

Emma Roth

is a news writer who covers the streaming wars, consumer tech, crypto, social media, and much more. Previously, she was a writer and editor at MUO.

After Anthropic released Claude Code’s 2.1.88 update, users quickly discovered that it contained a package with a source map file containing its TypeScript codebase, with one person on X calling attention to the leak and posting a file containing the code. The leaked data reportedly contains more than 512,000 lines of code and provides a look into the inner workings of the AI-powered coding tool, as reported earlier by Ars Technica and VentureBeat.

Users who have dug into the code claim to have uncovered upcoming features, Anthropic’s instructions for the AI bot, and insight into its ”memory” architecture. Some things spotted by users include a Tamagotchi-like pet that “sits beside your input box and reacts to your coding,” according to a post on Reddit, along with a “KAIROS” feature that could enable an always-on background agent. Users also found a comment from one of Anthropic’s coders, who admits at one point that the “memoization here increases complexity by a lot, and im not sure it really improves performance.”

Though Anthropic later fixed the issue, that didn’t stop users from copying the code to a repository on GitHub, which has since amassed more than 50,000 forks (or copies of the repository). Anthropic launched Claude Code in February of 2025, and the tool picked up more steam after adding agentic capabilities that perform tasks on a user’s behalf.

“Earlier today, a Claude Code release included some internal source code. No sensitive customer data or credentials were involved or exposed,” Anthropic spokesperson Christopher Nulty says in an emailed statement to The Verge. “This was a release packaging issue caused by human error, not a security breach. We’re rolling out measures to prevent this from happening again.”

Arun Chandrasekaran, an AI analyst at Gartner, tells The Verge that while the Claude Code leak poses “risks such as providing bad actors with possible outlets to bypass guardrails,” its long-term impact could be limited to serving as a “call for action for Anthropic to invest more in processes and tools for better operational maturity.”

Follow topics and authors from this story to see more like this in your personalized homepage feed and to receive email updates.

• Emma Roth