Dafuq: Claude Code appears to have leaked! 😱
Via Reddit, via Hacker News: Claude Code’s source code has been leaked! 🗄️src.zip
Claude code source code has been leaked via a map file in their npm registry!
— Chaofan Shou (@Fried_rice) March 31, 2026
Code: https://t.co/jBiMoOzt8G pic.twitter.com/rYo5hbvEj8
There’s an analysis of the code on X in an article that can be read even if you don’t have an X account: The Accidental Open Source: A Deep Dive into the Leaked Claude Code Repository.
People move fast, and some of them are quite opinionated. This repo is merely holding the code:
But this one isn’t just a copy of the code, it’s an effort to rewrite it in Rust!
I’m not sure if this is going to lead anywhere. Some opinions on Hacker News aren’t that positive:
I wish.
Claude Code is clearly a pile of vibe-coded garbage. The UI is janky and jumps all over the place, especially during longer sessions. (Which also have a several second delay to render. In a terminal).
Lately, it’s been crashing if I hold the Backspace key down for too long.
Being open-source would be the best thing to happen to them. At least they would finally get a pair of human eyes looking at their codebase.
Claude is amazing, but the people at Anthropic make some insane decisions, including trying (and failing, apparently) to keep Claude Code a closed-source application.
● blobbers
It’s a little bit shocking that this zipfile is still available hours later.
Could anyone in legal chime in on the legality of now ‘re-implementing’ this type of system inside other products? Or even just having an AI look at the architecture and implement something else?
It would seem given the source code that AI could clone something like this incredibly fast, and not waste it’s time using ts as well.
Any Legal GC type folks want to chime in on the legality of examining something like this? Or is it liked tainted goods you don’t want to go near?
● treexs
The big loss for Anthropic here is how it reveals their product roadmap via feature flags. A big one is their unreleased “assistant mode” with code name kairos.
Just point your agent at this codebase and ask it to find things and you’ll find a whole treasure trove of info.
Edit: some other interesting unreleased/hidden features
- The Buddy System: Tamagotchi-style companion creature system with ASCII art sprites
- Undercover mode: Strips ALL Anthropic internal info from commits/PRs for employees on open source contributions
● BoppreH
Undercover mode also pretends to be human, which I’m less ok with:
https://github.com/chatgptprojects/claude-code/blob/642c7f944bbe5f7e57c05d756ab7fa7c9c5035cc/src/utils/undercover.ts#L52
Quite so:
## UNDERCOVER MODE — CRITICAL
You are operating UNDERCOVER in a PUBLIC/OPEN-SOURCE repository. Your commit
messages, PR titles, and PR bodies MUST NOT contain ANY Anthropic-internal
information. Do not blow your cover.
NEVER include in commit messages or PR descriptions:
- Internal model codenames (animal names like Capybara, Tengu, etc.)
- Unreleased model version numbers (e.g., opus-4-7, sonnet-4-8)
- Internal repo or project names (e.g., claude-cli-internal, anthropics/…)
- Internal tooling, Slack channels, or short links (e.g., go/cc, #claude-code-…)
- The phrase "Claude Code" or any mention that you are an AI
- Any hint of what model or version you are
- Co-Authored-By lines or any other attribution
Write commit messages as a human developer would — describe only what the code
change does.
GOOD:
- "Fix race condition in file watcher initialization"
- "Add support for custom key bindings"
- "Refactor parser for better error messages"
BAD (never write these):
- "Fix bug found while testing with Claude Capybara"
- "1-shotted by claude-opus-4-6"
- "Generated with Claude Code"
- "Co-Authored-By: Claude Opus 4.6 <…>"Let’s see what gives. I mean, let’s see how things turn out.
Leave a Reply