Anthropic just published the entire recipe for its flagship coding tool - again, because somebody forgot to delete a 60 MB debugging file.
On 31 March 2026 security researcher Chaofan Shou noticed that Claude Code v2.1.88, Anthropic’s command-line coding assistant, shipped to npm with a 60 MB source-map file named cli.js.map. The file maps every minified line back to its original TypeScript, letting anyone rebuild the complete, human-readable codebase from the public package.
The leak exposes 1,906 proprietary files covering internal API design, telemetry pipelines, encryption helpers, and inter-process messaging. According to BlockBeats the bundled map file references unobfuscated TypeScript sources hosted in Anthropic’s own cloud storage, so the code wasn’t just theoretically recoverable—it was directly downloadable.
Claude code source code has been leaked via a map file in their npm registry!
— Chaofan Shou (@Fried_rice) March 31, 2026
Code: https://t.co/jBiMoOzt8G pic.twitter.com/rYo5hbvEj8
This is dejavu. In February 2025 an earlier Claude Code release contained the same oversight; Anthropic pulled the package and scrubbed the map. Thirteen months later the identical packaging flaw reappeared in the newest build.
Within hours the reconstructed source was archived to a public GitHub repository where it quickly passed 1,100 stars and 1,900 forks. The exposed code is limited to the client-side CLI implementation; model weights and user data are unaffected. Still, every internal security mechanism and telemetry hook is now laid bare for competitors or attackers to study.
Anthropic has not posted any public statement about the incident, and the npm package remains live at the time of writing.