Claude Code Source Leak: 512k Lines Exposed

Anthropic, the AI safety company behind the Claude assistant, has suffered a significant source code leak. The breach occurred not through a malicious hack, but via an accidental human error: the company inadvertently shipped a source map file within a public npm package for its Claude Code tool. This file, meant for debugging, effectively exposed over 512,000 lines of clean, unobfuscated TypeScript code. The leaked source provides a rare and detailed look into the internal architecture, coding patterns, and potential security pathways of a leading AI coding agent. Security analysts warn that such exposure gives malicious actors a blueprint to probe for vulnerabilities, craft targeted attacks, or even attempt to replicate proprietary systems. In response to the incident, enterprise security leaders are being advised to conduct immediate audits of any integrated AI coding assistants, including Claude Code. The prevailing recommendation is to operate under the assumption of 'reduced security layers'—meaning companies should not rely on the obscurity or inherent security of the AI agent itself. This event highlights the growing software supply chain risks associated with integrating third-party AI tools, where a single packaging mistake can compromise the intellectual property and security posture of even the most cautious organizations.