Woke up to this today: Claude Code’s complete source code exposed via npm source map. Not a snippet. All 512,000 lines. 1,900 TypeScript files.

How it happened

Single .map file in production npm package → R2 bucket URL → complete source download.

Classic supply chain security fail.

What’s exposed

• QueryEngine.ts (46K lines): entire LLM API engine
• Tool.ts (29K lines): all agent tools
• commands.ts (25K lines): slash commands
• ~40 tools, ~85 commands
• Feature flags: PROACTIVE, VOICE_MODE, BRIDGE_MODE, KAIROS
• Easter egg: BUDDY digital pet system (hidden, April launch planned)

Anthropic’s response

Removed source map, deleted old npm versions. Too late — 3+ GitHub mirrors already exist.

The ironic part

This is Anthropic’s second leak in 5 days. March 26: CMS error exposed unreleased “Claude Mythos” model + 3K assets.

Community: “The irony is unreal” — Anthropic markets Claude’s code review capabilities, then leaks own code via config error.

Nuanced take

Developer Skanda: “This ‘leak’ is clickbait. Claude Code CLI has always been readable in npm package (minified JS). Source map just makes it readable TypeScript.”

He’s right. Anthropic never treated CLI logic as secret. Core moat = Claude model, not CLI tool.

But: seeing code ≠ understanding code. Source map lowered barrier significantly.

What you can learn

Developer Jingle Bell analyzed the codebase, found 4 production patterns:

1. System prompt engineering: Tool constraints, risk controls, output specs make AI predictable
2. Multi-agent orchestration: Coordinator mode, permission mailbox, atomic claims, team memory
3. Three-layer context compression: MicroCompact (local), AutoCompact (near limit), Full Compact (nuclear option)
4. AutoDream memory consolidation: Background process, 4-phase flow (Orient → Gather → Consolidate → Prune)

For developers, this is a free masterclass in production AI architecture.

Discussion questions

• Is this actually a “leak” if the minified code was already public?
• Does exposing CLI architecture hurt Anthropic’s competitive position?
• What’s the biggest lesson here — supply chain security or AI architecture patterns?

Links:

• Mirror: https://github.com/instructkr/claude-code
• Tweet: https://x.com/Fried_rice/status/2038894956459290963
• HN: https://news.ycombinator.com/item?id=47584540
• Skanda analysis: https://x.com/thecryptoskanda/status/2038924451275018383
• Jingle Bell breakdown: https://x.com/ScarlettWeb3/status/2038940065523552263

Anyone else spending their weekend reading through this?