I Read Every Line of Anthropic’s Leaked Source Code So You Don’t Have To.

2026-04-02 · Source: Towards AI - Medium · Field: Technology & Digital — Artificial Intelligence & Machine Learning, Software Development & Engineering · Depth: Expert, quick

Summary

Anthropic's Claude Code, a closed-source agentic coding tool generating $2.5 billion in annualized recurring revenue, had its entire internal codebase leaked on March 31, 2026. The leak, triggered by an intern's discovery of a map file in Anthropic's npm registry, exposed 512,000 lines of TypeScript. The leaked code revealed a "secret AI pet," an "always-on daemon that dreams," and a mode designed to conceal its AI nature. This incident led to the codebase being mirrored across GitHub and forked 82,000 times within hours, making it accessible to competitors.

Key takeaway

For engineering leaders managing proprietary AI models and tools, this incident underscores the critical importance of rigorous supply chain security and configuration management. You must ensure that all deployment artifacts, including map files in npm registries, are correctly configured to prevent unintended public exposure. Proactively auditing your build and deployment pipelines can mitigate significant intellectual property risks.

Key insights

A configuration oversight led to the public exposure of Anthropic's proprietary Claude Code codebase.

Principles

• Configuration management is critical for security.
• Supply chain security extends to npm registries.

In practice

• Audit npm registry configurations for map files.
• Implement strict access controls for code repositories.

Topics

• Anthropic
• Claude Code
• Source Code Leak
• TypeScript
• AI Agentic Tools

Best for: CTO, VP of Engineering/Data, Director of AI/ML, AI Engineer, AI Scientist, Tech Journalist

Related on AIssential

• Anthropic Accidentally Leaked 512,000 Lines of Claude Code — Accidental source code leaks can rapidly spread and become irreversible, even with internal preventative measures.
• TNB Tech Minute: Pentagon Officially Labels Anthropic a Supply-Chain Risk — AI companies face increasing scrutiny over security risks, content safety, and ethical integration into creative industries.
• Anthropic's leaked AI coding tool has been cloned over 8,000 times on GitHub despite mass takedowns — AI code leaks spread rapidly and are nearly impossible to fully contain once public.
• Wtf Anthropic — Anthropic's compute miscalculation and opaque policies are alienating users, while OpenAI aggressively captures market share.
• Anthropic’s Code with Claude showed off coding’s future—whether you like it or not — LLMs are rapidly automating software development, shifting human roles from writing to oversight, despite emerging concerns.
• Inside the deadlock keeping Mythos offline — The U.S. government's standoff with Anthropic over model distribution highlights escalating geopolitical tensions in AI development and deployment.

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by Towards AI - Medium.