Anthropic accidentally leaks the source code of Claude in an npm slip

Anthropic confirmed yesterday that ‘human error’ led to the source code leak of its flagship product Claude Code.
The source code of Anthropic’s Claude Code agent became public after a poorly configured software package was released. It follows another incident last week in which, according to Fortune, the company accidentally leaked thousands of files.
The leak was spotted on Tuesday by security researcher Chaofan Shou, according to the Register. He discovered that the official npm package for Claude Code had shipped with a map file that referenced the unobfuscated TypeScript source. Shou went on to announce his discovery on X, which caused quite a stir.
That file pointed to a zip archive stored in Anthropic’s Cloudflare R2 storage bucket, which anyone could download and decompress. The archive reportedly contains 1,900 TypeScript files totaling more than 512,000 lines of code, including full libraries of slash commands and built-in tools.
Within hours, a copy of the code was uploaded to GitHub, where it has been ‘forked’ more than 41,500 times, according to the Register, effectively ensuring that the exposure could not easily be reversed.
“Earlier today, the Claude Code release included internal source code,” an Anthropic spokesperson told siliconrepublic.com. “No sensitive customer data or information was involved or exposed. This was a packaging issue caused by human error, not a security breach. We are taking steps to prevent this from happening again.”
The incident comes days after Fortune reported that Anthropic had accidentally made thousands of files publicly available, including drafts of a blog post describing an upcoming model known internally as “Mythos” and “Capybara” – a document it said revealed cybersecurity vulnerabilities.
The Register quoted software engineer Gabriel Anhaia, who published a detailed analysis of the exposed code, saying the incident should serve as a warning to development teams everywhere.
“Apparently, the source map file is included in the npm package. Source maps are for debugging – they map compiled/compiled code back to the original source,” Anhaia wrote in his analysis of the Claude Code leak. “Including one in an npm release sends your entire codebase in a readable form.”
“Here’s a reminder to the entire development team: check your build pipeline. Make sure .map files are not included in your publish configuration. One misconfigured .npmignore or files field in package.json can expose everything.”
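A pre-publish check along the lines Anhaia describes, as an added example (not code from this article, from Anhaia's analysis or from Anthropic): it scans the files a package would ship and flags source maps and `sourceMappingURL` references. The function name, issue labels and sample entries are assumptions constructed for illustration.

```javascript
// Added example: flag source maps in the file set an npm package would publish.
const MAP_COMMENT = /\/[\/*]#\s*sourceMappingURL=(\S+)/;

// entries: [{ path, content }] for every file that would end up in the tarball.
function auditEntries(entries) {
  const findings = [];
  for (const { path: file, content } of entries) {
    if (file.endsWith(".map")) {
      let embedded = false;
      try {
        const map = JSON.parse(content);
        // sourcesContent carries the original source text inside the map itself.
        embedded = Array.isArray(map.sourcesContent) && map.sourcesContent.some(Boolean);
      } catch { /* not valid JSON: still flag the file by its name */ }
      findings.push({ file, issue: embedded ? "map-with-embedded-sources" : "map-file" });
    } else if (/\.(c|m)?js$/.test(file)) {
      const m = MAP_COMMENT.exec(content);
      if (!m) continue;
      const target = m[1];
      // A reference can be inline (data: URI), remote (http/https) or a sibling file.
      const issue = target.startsWith("data:") ? "inline-source-map"
        : /^https?:\/\//.test(target) ? "remote-map-reference" : "map-reference";
      findings.push({ file, issue });
    }
  }
  return findings;
}

// Constructed sample package contents (hypothetical names and URL).
const SAMPLE = [
  { path: "package.json", content: '{"name":"example-cli","files":["dist"]}' },
  { path: "dist/cli.js", content: 'console.log("hi");\n//# sourceMappingURL=cli.js.map\n' },
  { path: "dist/cli.js.map", content: JSON.stringify({
      version: 3, sources: ["../src/cli.ts"], sourcesContent: ['console.log("hi")'], mappings: "AAAA" }) },
  { path: "dist/remote.js", content: "//# sourceMappingURL=https://storage.example.invalid/src.map\n" },
  { path: "dist/clean.mjs", content: "export const ok = true;\n" },
];

for (const f of auditEntries(SAMPLE)) console.log(`${f.issue}: ${f.file}`);
```

In a build pipeline, feed it the contents of the tarball produced by `npm pack` and fail the job on any finding; `npm pack --dry-run` lists the files that would be included.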
As experts and analysts examine the source code now available, there seems to be a consensus that they are impressed by what they see.
“Note that no one said the code is reckless,” said the famous US technology writer Robert Scoble in a social media post. “In every bad time there are always gifts. The gift is that we all know now that Anthropic’s code is great.”
However, it is also clear that the leak is a gift to its powerful competitors who are fighting to compete with one of Anthropic’s most successful products, and have been given an inside view of what is behind it.


