Anthropic's AI Coding Tool Leaks Its Own Source Code For The Second Time In A Year

A researcher flagged the issue on 31 March 2026, and the code has since been archived on multiple public repositories, raising fresh questions about the company's software release practices.

Leak caused by exposed source map files revealing underlying source code.
  • Anthropic exposed the full source code of Claude Code via its npm package's source-map file
  • The 60MB file allowed reconstruction of 1,906 proprietary TypeScript source files
  • Earlier exposure in 2025 was fixed but the issue resurfaced in version 2.1.88 released in 2026

Anthropic, the American artificial intelligence company behind the Claude family of AI models, has once again inadvertently exposed the complete source code of its AI coding tool, Claude Code, through a basic packaging oversight that security researchers say should never occur in a finished software product.

On 31 March 2026, security researcher Chaofan Shou discovered that Claude Code, Anthropic's flagship command-line coding tool, had its entire source code exposed through a 60MB source-map file (cli.js.map) included in its npm package. The file allowed anyone to reconstruct the full underlying TypeScript codebase from the published build, according to DEV Community. The npm registry is the world's largest public software library, widely used by developers to download and share programming tools.

What Is Source Code, and Why Does This Matter?

Source code is the original, human-readable set of instructions that programmers write to build software. When a company releases software to the public, it typically compiles or bundles that code into a compressed, harder-to-read format in order to protect its intellectual property and internal systems. Think of source code as the original recipe for a dish: you may be able to taste the final product, but the recipe itself is supposed to remain private.

A source map is a supplementary file used during software development that acts as a bridge between the compressed, published version of a programme and its original, readable source code. It is an essential tool for developers when testing and fixing bugs. However, it has no place in a finished product released to the public, as it effectively hands anyone the complete original recipe.

According to BlockBeats, the latest version of Claude Code, v2.1.88, released on 31 March, was found to still contain this file. It held the complete code of 1,906 proprietary Claude Code source files, covering internal API design, telemetry analysis systems, encryption tools, and inter-process communication protocols.

Not the First Time

According to Odaily, a Web3 and blockchain-focused media platform, in February 2025, an early version of Claude Code was exposed for the same reason, prompting Anthropic at the time to remove the old version from npm and delete the source map. However, the problem has now resurfaced.

The published source map referenced unobfuscated TypeScript sources hosted in Anthropic's cloud storage, which made the source code publicly downloadable. TypeScript is a popular programming language commonly used to build sophisticated software applications.
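
A release gate for the packaging mistake described above, written as an added example (it is not Anthropic's code or tooling): given a package's file list, it flags source maps and reports whether they embed original sources or point at remotely hosted ones, the two cases the article describes. The `files` object, the function names and the sample contents are constructed for illustration.

```javascript
// Added example: flags source maps in a package's file list before publishing.
// `files` maps package-relative paths to text content (constructed sample below).
const MAP_COMMENT = /\/\/[#@]\s*sourceMappingURL=(\S+)/;

function inspectSourceMap(path, text) {
  let map = null;
  try { map = JSON.parse(text); } catch { /* not JSON */ }
  if (map === null || typeof map !== 'object') return { path, kind: 'unparseable-map' };
  // Source Map v3 index maps nest ordinary maps under sections[].map.
  const maps = Array.isArray(map.sections)
    ? map.sections.map((s) => s && s.map).filter(Boolean) : [map];
  let total = 0, embedded = 0, remote = 0;
  for (const m of maps) {
    const sources = Array.isArray(m.sources) ? m.sources : [];
    const contents = Array.isArray(m.sourcesContent) ? m.sourcesContent : [];
    sources.forEach((src, i) => {
      total += 1;
      // sourcesContent[i] carries the original file text verbatim when present.
      if (typeof contents[i] === 'string') embedded += 1;
      else if (/^https?:\/\//i.test((m.sourceRoot || '') + src)) remote += 1;
    });
  }
  return { path, kind: 'source-map', total, embedded, remote };
}

function auditPackageFiles(files) {
  const findings = [];
  for (const [path, text] of Object.entries(files)) {
    if (path.endsWith('.map')) { findings.push(inspectSourceMap(path, text)); continue; }
    if (!/\.[cm]?js$/.test(path)) continue;
    const m = MAP_COMMENT.exec(text);
    if (!m) continue;
    findings.push(m[1].startsWith('data:')
      ? { path, kind: 'inline-map' }
      : { path, kind: 'map-reference', target: m[1] });
  }
  return findings;
}

// Constructed sample package; only the file name cli.js.map comes from the article.
const SAMPLE = {
  'package.json': '{"name":"example-cli","version":"0.0.0"}',
  'cli.js': 'console.log("hi");\n//# sourceMappingURL=cli.js.map\n',
  'cli.js.map': JSON.stringify({
    version: 3, file: 'cli.js', mappings: '',
    sources: ['../src/main.ts', 'https://storage.example.invalid/src/util.ts'],
    sourcesContent: ['export const x = 1;', null],
  }),
};
console.log(auditPackageFiles(SAMPLE)); // a non-empty result should fail the release
```

In a real pipeline the `files` object would be built from the exact file set the registry will receive, so the check sees what consumers will download rather than what is in the working tree.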

The leaked codebase was quickly archived to a public GitHub repository, where it surpassed 1,100 stars and 1,900 forks within hours of discovery. GitHub is a platform where developers share and collaborate on code.

What Was Exposed?

Anthropic accidentally included a file in their public package that lets anyone read the original code, which was supposed to be hidden. This was a packaging mistake rather than a hack.

According to BlockBeats, the leak involves the client implementation code of the Claude Code command-line tool and does not involve model weights or user data, posing no direct security risk to ordinary users. However, the continued exposure of the complete source code means that internal architecture, security mechanisms, and telemetry logic are entirely transparent to the public. In simple terms, your personal data and conversations with Claude are not at risk. However, the inner workings of the tool, including how it communicates internally, how it collects usage data, and how its security layers are built, are now visible to anyone who chooses to look.

Researcher Raises Alarm

Chaofan Shou, an intern researcher at blockchain security firm Fuzzland, posted on X stating that the source code of Claude Code had been leaked via leftover source map files in the npm registry. As of the time of writing, Anthropic has not issued any public statement regarding this incident. The incident is likely to draw scrutiny over software release processes at AI companies, particularly as these firms build tools that are increasingly used by professional developers and enterprises across India and the world.
