BREAKING: Claude Code source leaked

TL;DR

Anthropic accidentally published Claude Code's proprietary source maps in an npm package, exposing ~390,000 lines of TypeScript source code to the public.

Key Points

• 1.The leak occurred because Anthropic included source maps in the Claude Code npm package. Source maps link obfuscated/minified JavaScript back to original TypeScript source — Anthropic likely added them while debugging aggressive rate-limit issues, accidentally shipping the full source in the published tarball.
• 2.This is not the first time Anthropic leaked their own source. They have sent more DMCA takedown requests than nearly any company in history to suppress earlier accidental source leaks from their own published npm packages, and immediately nuked the relevant npm release and agent SDK 0.2.88 after discovery.
• 3.The leak is confirmed accidental, not intentional. Anthropic issued a statement calling it 'a release packaging issue caused by human error, not a security breach,' and their aggressive DMCA campaign and npm takedowns confirm they did not want this public.
• 4.The bun framework was falsely blamed in a conspiracy theory. Bun creator Jared (now an Anthropic employee) clarified Claude Code does not use 'bun serve,' so a known bun bug that exposes source maps in hosted web apps is irrelevant here.
• 5.Claude Code scores last among harnesses in terminal benchmarks. On terminal bench, 39 harness-model pairs outscore Claude Code; even with Opus, Claude Code ranks last among all harnesses, while Cursor's harness boosted Opus from 77% to 93% on one benchmark — and Claude Code's source even references Open Code to copy scrolling behaviors.
• 6.Hidden unreleased features were discovered in the source code. These include: 'Buddy' (an April 1–7 Easter egg companion), Dream Mode (background memory consolidation agents), Coordinator Mode (parallel sub-agent spawning with shared prompt cache), Ultra Plan/Ultra Review (remote agent planning and automated $25/PR code review), and Chyros (always-on proactive AFK agent that autonomously edits files and responds to PRs).
• 7.Anti-distillation measures and feature flag sprawl were found inside the codebase. Anthropic injects fake tool calls into session histories to corrupt competitor model training data; they use GrowthBook (switching from StatsSign after OpenAI acquired it) with over 1,000 feature flag references scattered across 250 files, creating significant environment variable sprawl.
• 8.The source code quality was rated 7/10 by Claude itself. Strengths include solid TypeScript safety (only 38 'any' instances across 500+ files) and modern async patterns; weaknesses include god files over 5,000 lines, no test files in the leak, no centralized secret sanitization, and token prefixes logged in JWT utils.
• 9.The creator urges Anthropic to open source Claude Code and respond humanely rather than legally. Recommendations: announce an open-source roadmap, stop erroneous DMCAs, let engineers publicly discuss their leaked features, and turn the PR disaster into excitement — contrasting Anthropic's lawyer-driven response with OpenAI's self-deprecating humor as a model of community engagement.