Anthropic confirms accidental Claude Code source leak
An Anthropic spokesperson confirmed that the company accidentally exposed the source code of Claude Code during a routine software update. A debugging file was incorrectly included in a software package published to a public developer registry, enabling access to the code.
This incident represents the second code leak within a year, following a similar issue in February 2025. The recurrence of such leaks raises concerns about Anthropic’s security and operational practices, particularly since the company emphasizes its commitment to security measures.
This is the mothership of all code leaks! The code of #ClaudeCode has been leaked!
The big deal is that #Anthropic is a company that prides itself in the level of security and controls they have in place and then they ship a map file in their npm!
The other thing is that… https://t.co/fTWGw8s54j
— Shakthi (@v_shakthi) April 1, 2026
The source code, written in programming languages like Python and JavaScript, serves as the original set of instructions that dictate software functionality. A security researcher identified the leak after discovering the software package, which contained a source map file that revealed the codebase. Following this, the leaked code was quickly disseminated and analyzed on GitHub.
In response to the leak, Anthropic began issuing DMCA takedown notices to eliminate mirrors of the leaked files. Concurrently, Sigrid Jin, a South Korean developer, reconstructed core architecture in Python using an AI orchestration tool, releasing a project titled “claw-code,” which aligns more with a reimplementation than a direct copy of the original code.
Reports indicated that the leaked code included several feature flags associated with tools that may not yet be publicly available. These features potentially encompass a “persistent assistant” mode, remote access capabilities, and the ability for Claude to review prior interactions for improvement.
An Anthropic spokesperson attributed the leak to a packaging error that led to the accidental publication of internal source code. They confirmed that no customer data or credentials were compromised in the incident. The company is implementing measures to prevent similar occurrences in the future.
This incident follows a prior leak in February 2025, when an earlier version of Claude Code was unintentionally exposed but quickly removed. Anthropic’s focus on securing its systems may be scrutinized further in light of these repeated incidents.