Anthropic accidentally published 512,000 lines of Claude Code source code through a debug file in a regular npm update on March 31.

The leak revealed the entire architecture for the company's most important AI coding tools, which generate about 2.5 billion USD in annual recurring revenue.

The missed opportunity in five days raises questions about the IPO

Security researcher Chaofan Shou found the open sourcemap file in Claude Code version 2.1.88 and posted a download link on X (Twitter).

The codebase spread quickly on GitHub and gathered tens of thousands of forks before Anthropics DMCA takedowns halted the distribution.

This happened just five days after another CMS misconfiguration leaked around 3,000 internal files, detailing the yet-to-be-released 'Mythos' model.

Two unintended disclosures in a week raise operational questions for a company valued at 350 billion USD that is considering an IPO in Q4 2026.

The code is now permanent

Korean-Canadian developer Sigrid Jin, whom the Wall Street Journal has written about for using 25 billion Claude Code tokens last year, made a clean Python rewrite before dawn.

His repository, claw-code, garnered 50,000 GitHub stars within two hours.

The leaked files showed an internal function called 'Undercover Mode', built specifically to prevent Claude from leaking Anthropics secrets.

The code also displayed 44 feature flags, an unreleased background daemon called KAIROS, and internal model names like 'Capybara' for a Claude 4.6 variant.

Anthropic confirmed the leak to several media outlets, calling it a packaging error caused by human mistake. Corporate customers, who account for 80% of Claude Codes' revenue, can now use a tool whose security logic and authorization methods are now publicly available on the internet.