Anthropic is facing fresh scrutiny after a software update for Claude Code accidentally exposed a large portion of its internal source code, triggering a wave of downloads, mirrors and copycat projects across the internet.
The issue began when a new version of Claude Code was uploaded to the npm registry on March 31. A debugging source map file was mistakenly included in the release package, giving users access to roughly 512,000 lines of internal TypeScript code across around 1,900 files.
Security researcher Chaofan Shou was among the first to spot the file and shared details publicly on X, helping the leak spread quickly through developer circles. Within hours, copies of the codebase had appeared across GitHub and other hosting services. Related posts on social media drew millions of views as developers rushed to inspect the material.
Anthropic moved quickly to pull the affected package and issue takedown requests for repositories hosting the leaked code. Even so, the company struggled to contain it.
By the time the original package had been removed, mirrors of the code were already circulating widely. Some developers also began creating clean-room rewrites based on what had been exposed, making it harder for Anthropic to limit the spread through copyright claims alone.
One of the projects to gain attention was a Python rewrite known as claw-code, which emerged soon after the leak began circulating. A separate Rust version also appeared, showing how quickly the developer community moved to rebuild and reinterpret parts of the exposed software.
Although some online posts claimed these projects reached record-breaking GitHub growth, there has been little independent confirmation of those figures. Reports do show that several mirrors and rewrites attracted tens of thousands of stars and forks within a matter of hours.
The leak did not expose Anthropic’s underlying Claude model weights or customer information. Instead, it revealed the architecture and tooling behind Claude Code itself, including internal prompts, hidden feature flags and unreleased tools. Reports suggest the code included references to an always-on assistant mode, internal model names and a virtual pet feature that had not been publicly announced.
One detail that drew attention online was the discovery of a feature known internally as Undercover Mode. According to developers who reviewed the code, the system was designed to reduce the chances of Claude exposing internal Anthropic details in public code commits. That led to criticism and jokes online after Anthropic ended up leaking parts of its own software through a packaging mistake.
Anthropic said the problem was caused by a human error in the software release process rather than a security breach or cyber attack. The company also stressed that no customer credentials, API keys or private user information were exposed.
For Anthropic, the leak is awkward because the company has spent years promoting itself as one of the most safety-focused firms in artificial intelligence. The incident also comes shortly after another report that internal company files had been accidentally exposed through a separate mistake.
Some industry analysts believe the practical impact may be limited because much of Claude Code’s value comes from the underlying models and infrastructure rather than the interface layer that was exposed. Others argue that the leak still gives competitors a useful look at how Anthropic structures AI coding tools, manages permissions and builds agent workflows.
Developers were quick to point out that once code is copied across decentralised systems, mirrors and rewrites, removing it entirely becomes close to impossible. Anthropic may have succeeded in pulling down some repositories, but the code is likely to remain available in some form for years.
Dear Reader,
Ledger Life is an independent platform dedicated to covering the Internet Computer (ICP) ecosystem and beyond. We focus on real stories, builder updates, project launches, and the quiet innovations that often get missed.
We’re not backed by sponsors. We rely on readers like you.
If you find value in what we publish—whether it’s deep dives into dApps, explainers on decentralised tech, or just keeping track of what’s moving in Web3—please consider making a donation. It helps us cover costs, stay consistent, and remain truly independent.
Your support goes a long way.
🧠 ICP Principal: ins6i-d53ug-zxmgh-qvum3-r3pvl-ufcvu-bdyon-ovzdy-d26k3-lgq2v-3qe
🧾 ICP Address: f8deb966878f8b83204b251d5d799e0345ea72b8e62e8cf9da8d8830e1b3b05f
Every contribution helps keep the lights on, the stories flowing, and the crypto clutter out.
Thank you for reading, sharing, and being part of this experiment in decentralised media.
—Team Ledger Life
Community Discussion