Claude Code LEAKED (Might be Good for us...)
Video summary
Companion notes
Anthropic leaked the full Claude Code source via a missing .npmignore line — 512,000 lines of TypeScript are now public.
What actually got exposed
The full source code of Claude Code — Anthropic's agentic CLI tool for writing, editing, and executing code in the terminal — was bundled into a public npm release. The archive contained 512,000 lines of TypeScript across ~1,900 files, 43 built-in tools, 44 feature flags (many hidden from users), 26 undocumented / slash commands, and over 120 .env files. No model weights and no customer credentials were exposed.
How a missing line broke it
It wasn't a cyberattack. Anthropic ships Claude Code using the Bun runtime, which auto-generates source maps that deobfuscate production code back to readable source. When the team pushed to npm, they forgot to add the source map line to .npmignore. That source map pointed to a zip archive of the original TypeScript sitting on Anthropic's Cloudflare R2 bucket, accessible to anyone with the URL. Security researcher Mr. Fried Rice downloaded and posted it on X first.
Why it might end up being good for users
The creator frames this as a "blessing in disguise." The Perplexity playbook applies: every time its system prompt leaked, the team patched overnight and shipped a stronger version, making the leaked prompt "a lot weaker." Anthropic is racing the upcoming Mythos Claude model and has shipped aggressively over the last 52 days — expect a 2–3 week sprint to ship a Claude Code that obsoletes the leaked internals. The leak "dilutes the power of Claude Code" but may force Anthropic to "build an even more powerful Claude Code."
What to watch
This was leak #2 in two weeks. The first was a model reveal; this one is a source code dump via packaging pipeline failure. Add disabling Bun source map generation and auditing .npmignore to your pre-ship checklist if you ship TS via npm.
Watch on YouTube
Prefer the native player? Open it on YouTube: https://www.youtube.com/watch?v=nt2QFxcwrbs
