GitHub - rosaboyle/awesome-cc-oss

A curated list of resources related to the Claude Code source code leak (March 31, 2026) — the incident where Anthropic accidentally shipped a 59.8 MB source map file (cli.js.map) in version 2.1.88 of the @anthropic-ai/claude-code npm package, exposing ~1,900 files and 512,000+ lines of proprietary TypeScript source code.

Contents

• What Happened
• Source Code Archives
• Clean-Room Reimplementations
• Technical Breakdowns & Analysis
• Key Discoveries from the Leak
• News Coverage
• Expert & Community Reactions
  • X / Twitter
  • Reddit Threads
  • Hacker News
• Blog Posts & Deep Dives
• Videos & Podcasts
• Security & Legal Implications
• Related Prior Incidents
• Further Reading

What Happened

On March 31, 2026, security researcher Chaofan Shou (@Fried_rice on X), an intern at Solayer Labs, discovered that the entire source code of Claude Code — Anthropic's flagship AI coding CLI — was publicly accessible via a source map file (.map) bundled into the published npm package @anthropic-ai/claude-code v2.1.88.

• The .map file was 59.8 MB and contained the full, readable original TypeScript source
• ~1,900 files and 512,000+ lines of code were exposed
• The leak was caused by a missing .npmignore rule or bundler misconfiguration (Bun generates source maps by default)
• Anthropic scrambled to remove the package, but the code was already archived and forked 41,500+ times on GitHub within hours
• This was the second time Claude Code source was leaked — the first was in February 2025

Source Code Archives

• gitlawb/claude-code — Decentralized mirror of the leaked Claude Code source on GitLawb

Clean-Room Reimplementations

• chatgptprojects/clear-code — List of open source alternatives for Claude code.

• Kuberwastaken/claude-code (Rust) — Rust port of Claude Code's behavior, clean-room reimplementation

• instructkr/claw-code (Python) — Python rewrite by Sigrid Jin (top Claude API consumer, featured in WSJ), capturing the agent harness architecture

• JackChen-me/open-multi-agent — MIT-licensed TypeScript ~8,000-line clean-room multi-agent SDK inspired by the leak; runs in-process unlike claude-agent-sdk

Technical Breakdowns & Analysis

• Kuberwastaken's Breakdown — Comprehensive README covering every major system: BUDDY, KAIROS, Dream, Undercover Mode, Coordinator Mode, tool registry, and more
• Kuber's Blog Post — Same breakdown with better reading UX
• alex000kim — "The Claude Code Source Leak: fake tools, frustration regexes..." — Deep dive into fake tools, frustration detection, and anti-distillation measures
• dev.to — Gabriel Anhaia — "1,900 files. 512,000+ lines. Everything."
• apiyi.com — Interpretation of the Claude Code source code leak — Impact analysis on the AI agent industry

Key Discoveries from the Leak

Notable features and systems found in the leaked source:

• Undercover Mode — System that hides Anthropic identity when employees use Claude Code on public/open-source repos. Prompt: "You are operating UNDERCOVER... Do not blow your cover."
• BUDDY — A full Tamagotchi-style companion pet system with gacha mechanics, 18 species, shiny variants, procedurally generated stats, and "soul descriptions"
• KAIROS — "Always-On Claude" — a persistent, proactive assistant mode that watches and acts without user input (gated behind PROACTIVE feature flag)
• Dream System — Background memory consolidation engine where Claude literally "dreams" — has a three-gate trigger and four phases
• ULTRAPLAN — 30-minute remote planning session system
• Multi-Agent Orchestration / Coordinator Mode — Full multi-agent system spawning parallel workers, activated via CLAUDE_CODE_COORDINATOR_MODE=1
• Agent Teams / Swarm — In-process and process-based teammates with tmux/iTerm2 panes (feature gate: tengu_amber_flint)
• 40+ Tool Registry — Complete tool system with risk classification (LOW/MEDIUM/HIGH), ML-based auto-approval, and YOLO classifier
• Penguin Mode — Internal codename for "Fast Mode"
• Upcoming Models — References to Capybara (new model family, v2, with 1M context), Opus 4.7, and Sonnet 4.8
• Internal Codename: Tengu — Claude Code's internal project codename, appearing hundreds of times as prefix for feature flags
• Anti-Distillation Measures — Fake tools and frustration detection regexes to prevent model distillation
• Hidden Beta Headers — Unreleased API features including redact-thinking, afk-mode, advisor-tool, task-budgets, and more
• Supply Chain Attack — Between 00:21–03:29 UTC on March 31, malicious axios versions (1.14.1, 0.30.4) containing a RAT were distributed to users who installed during the window

News Coverage

• VentureBeat — "Claude Code's source code appears to have leaked: here's what we know"
• Fortune — "Anthropic leaks its own AI coding tool's source code in second security lapse"
• CNBC — "Anthropic leaks part of Claude Code's internal source code"
• The Register — "Anthropic accidentally exposes Claude Code source code"
• NDTV — "Anthropic's AI Coding Tool Leaks Its Own Source Code For The Second Time In A Year"
• NDTV Profit — "Anthropic Source Code Leaked For Second Time In A Week"
• Decrypt — "Anthropic Accidentally Leaked Claude Code's Source — The Internet Is Keeping It Forever"
• Cybernews — "Full source code for Anthropic's Claude Code leaks"
• BleepingComputer — "Claude Code source code accidentally leaked in NPM package"
• Bitcoin News — "Anthropic Source Code Leak 2026: Claude Code CLI Exposed via npm Source Map Error"
• Piunika Web — "Anthropic's Claude Code source appears to have been leaked via npm registry"
• MLQ.ai — "Anthropic's Claude Code Exposes Source Code Through Packaging Error for Second Time"
• NDTV Feature — "'2026 Just Got Crazy': Internet Erupts After Anthropic's Claude Source Code Leak"

Expert & Community Reactions

X / Twitter

• @Fried_rice (Chaofan Shou) — Original discovery post — The tweet that started it all, with a direct link to the full src.zip
• @zivdotcat (dev) — "babe wake up. Claude Code is finally open source" — Viral tweet capturing community sentiment

Reddit Threads

• r/LocalLLaMA — "Claude code source code has been leaked via a .map file" — 1,719 upvotes, 331 comments
• r/LocalLLaMA — "Claude Code's source just leaked — I extracted its multi-agent architecture" — 136 upvotes, discussion on clean-room legality
• r/ClaudeAI — "Claude Code's source code just leaked — so I had..." — 228 upvotes, debate on AI-generated code copyright
• r/ClaudeAI — "I dug through Claude Code's leaked source and..." — 2,019 upvotes, 291 comments — top comment: "Makes me think my work code is too high quality lmao"
• r/ClaudeAI — "Claude code source code has been leaked via a .map file" — "Looks like someone at Anthropic vibed a little too hard"
• r/singularity — "Claude code source code has been leaked" — 565 upvotes, 169 comments

Hacker News

• HN Discussion — "The Claude Code Source Leak" — alex000kim's analysis on the front page

Blog Posts & Deep Dives

• alex000kim — "The Claude Code Source Leak: fake tools, frustration regexes..." — Covers anti-distillation, frustration detection, fake tools, and the Bun bug causing 250K wasted API calls/day
• Kuber.studio — Full technical breakdown
• dev.to / Gabriel Anhaia — Source maps deep dive
• apiyi.com — Impact on the AI agent industry

Videos & Podcasts

🚧 Section will be updated as video essays and podcast episodes are released covering the incident.

Security & Legal Implications

• DMCA Takedowns — Anthropic issued a barrage of DMCA takedown notices across GitHub; many mirrors and forks were removed but the code had already spread
• Clean-Room Defense — Multiple developers argued their rewrites are "clean-room" implementations, constituting new creative works
• AI Copyright Paradox — Reddit debate: if Anthropic claims Claude wrote its own code, can AI-generated code be copyrighted?
• Supply Chain Risk — Malicious axios packages (v1.14.1, v0.30.4) containing a RAT were distributed during the leak window (00:21–03:29 UTC, March 31)
• No User Data Exposed — Anthropic confirmed no user data was in the leak; core Claude models were unaffected
• Anthropic's Statement — Acknowledged "human error" to The Register; no broader post-mortem published as of April 1, 2026

Related Prior Incidents

• February 2025 — An early version of Claude Code accidentally exposed its original source code in a similar packaging breach
• Late March 2026 — Anthropic accidentally revealed details about the internal "Mythos" project days before this leak

Further Reading

• npm package: @anthropic-ai/claude-code
• Bun Bundler Source Map Bug (oven-sh/bun#28001) — Related Bun bug filed March 11, 2026
• Anthropic Official Website
• Claude Code Product Page

Contributing

Contributions welcome! Please open an issue or submit a PR if you find new resources, articles, analysis, or community reactions related to the Claude Code source leak.

Disclaimer

This repository is a curated collection of links and references for educational and archival purposes. It does not host or distribute any proprietary source code. All linked content is publicly available on the internet.

License

To the extent possible under law, the authors have waived all copyright and related rights to this work.