Anthropic’s Claude Code Leaked Accidentally Online

Anthropic’s Claude Code Leaked Accidentally Online

In a surprising turn of events, Anthropic, a company focused on AI safety, has experienced a major data leak. The entire source code for its popular AI model, Claude, was accidentally released to the public. This incident happened on April 1st, 2026, and has sent shockwaves through the AI community.

The leak occurred when a development file, a source map, was included in a public release of Claude’s code. This file contained over 500,000 lines of TypeScript code, offering a detailed look into how Claude operates. Security researcher Chiao Fan Sha discovered the leak shortly after the release. Anthropic’s legal team attempted to remove the leaked code, but it had already spread widely across the internet.

What Was Found in the Leaked Code?

The leaked codebase revealed several interesting details about Claude. For starters, it showed that Claude uses a complex, multi-step process to generate responses, involving 11 distinct stages from input to output. This is far more intricate than a basic chatbot, which typically uses a system prompt and user prompt to generate text based on data.

The code also contained numerous hard-coded instructions and guardrails. These are essentially rules telling Claude to behave safely and avoid unusual actions. This was surprising, as such detailed instructions could provide a clear blueprint for competitors if leaked. Ironically, that’s exactly what happened.

Anti-Distillation and Undercover Mode

Anthropic had also implemented measures to prevent other AI models from easily copying Claude’s capabilities. These included ‘anti-distillation poison pills.’ This technique involves making Claude talk about tools that don’t actually exist. The goal was to mislead other AI models being trained on Claude’s output, causing them to perform poorly.

Another intriguing feature found was ‘undercover mode.’ This mode contains instructions for Claude to avoid mentioning itself in outputs or commit messages. The official reason is to make its responses seem more human. However, some speculate the real purpose is to allow Claude to be used in open-source projects without drawing attention or scrutiny, especially if it causes problems.

Other Discoveries in the Code

The leak also highlighted Claude’s use of the Axios package, which was recently reported to have a security vulnerability. While it’s unclear if Anthropic’s servers were affected, it points to a potential security risk.

Additionally, the code revealed a ‘frustration detector’ that uses simple pattern matching to identify keywords in user prompts indicating a bad experience. If detected, it logs an event. This suggests Claude uses basic programming techniques rather than some form of advanced alien intelligence.

The codebase also contained a large number of comments. This is unusual for human-written code and suggests the comments might be intended for the AI itself, perhaps to help it generate its own code.

Future Features Hinted At

Perhaps the most significant aspect of the leak, beyond the code itself, were hints about future features and roadmap items. These included:

• Buddy: A potential new feature that acts like a Tamagotchi-style digital pet for developers.
• Opus 4.7 and Capiara: References to new model versions or entirely new models, possibly related to Anthropic’s previously teased ‘Mythos’ model.
• Chyris: A background agent designed to keep a daily journal, consolidate memories using ‘dream mode,’ and perform scheduled tasks. The name itself, related to a Greek word for a specific moment in time, adds a layer of irony to its accidental reveal.

Why This Matters

This leak is a major setback for Anthropic, especially with its plans for an Initial Public Offering (IPO) later this year. It exposes the inner workings of a leading AI model, potentially accelerating competition and raising questions about AI safety and transparency. The incident serves as a stark reminder that even with advanced security measures, sensitive code can become public through simple mistakes, underscoring the challenges of managing proprietary AI technology.

The Role of Bun.js

The leak appears to be linked to Anthropic’s use of Bun.js, a JavaScript runtime that Anthropic recently acquired. It’s known that build tools usually remove source map files automatically. However, an issue was recently raised on GitHub regarding Bun.js serving source maps in production. This raises questions about whether the acquisition or the runtime itself played a role in the accidental release of Claude’s source code.

The leak has spurred rapid community development, with projects like ‘Claw Code’ and ‘OpenClaw’ emerging quickly, aiming to make Claude’s capabilities more accessible and adaptable to various AI models.

Source: Tragic mistake… Anthropic leaks Claude’s source code (YouTube)