#创作者冲榜 #Gate广场四月发帖挑战

U.S. AI Giant 510,000 Lines of Source Code Leaked!

Due to an employee accidentally leaking 512,000 lines of Claude Code source code, the entire industry gained insight into the internal architecture of the emerging AI giant Anthropic's products, and it also previewed their electronic pet and persistent AI assistant product layouts.

On March 31 local time, due to a packaging error with the npm package, the Claude Code source code was leaked. Within hours, the leaked code had spread on GitHub, accumulating over 10,000 stars and more than 20,000 backups.

In response, Anthropic told the media that this was caused by a human error during release packaging, not a security vulnerability.

Experts point out that this leak provides small and medium developers with an opportunity to "copy" and improve their products, but commercial use of the related code faces legal risks.

510,000 Lines of Claude Code Source "Open Sourced"！

On March 31 local time, FuzzLand, a Web3 security company, intern researcher Chaofan Shou disclosed on social platform X that the source code of Anthropic's AI programming tool Claude Code was accidentally leaked.

According to his description, while inspecting the Claude Code npm package, he found a 57MB cli.js.map file pointing to a bucket link, which contained 1,900 TypeScript files totaling over 512,000 lines of unobfuscated and decompiled complete source code. This means developers can easily peek into or even reconstruct the internal structure of Claude Code.

The root cause is not complicated: source map files that should have been excluded in production builds, due to misconfiguration of .npmignore or improper build process settings, were published along with the package to the public npm registry. Within hours, the relevant code was uploaded to GitHub and widely spread, with some developers even reconstructing Claude Code entirely based on the leaked content.

After the incident gained attention, Anthropic urgently updated the npm package and removed the related files, as well as earlier versions. But it was too late.

Media reporters asked Anthropic for confirmation, and the company responded: "Earlier today, a release of Claude Code included some internal source code. This incident did not involve or expose any sensitive customer data or credentials. It was caused by a human error during release packaging, not a security vulnerability. We are implementing measures to prevent similar incidents from happening again."

This is the second major leak within a week for Anthropic. On March 26, the company had just leaked information about a model called Claude Mythos and about 3,000 unpublished assets due to a CMS (Content Management System) configuration error. Earlier, in February 2025 and December 2024, Claude Code also experienced source code and prompt leak issues. The frequent "human errors" continue to erode market trust in their security capabilities.