Anthropic's Claude Code shipped with a critical packaging mistake on Tuesday: a source map file left inside the official npm package contained a reference to an unobfuscated zip archive hosted on Anthropic's Cloudflare R2 storage bucket.

Security researcher Chaofan Shou spotted the exposure and alerted the community. Developers quickly downloaded and mirrored the archive, which contained approximately 1,900 TypeScript files totaling more than 512,000 lines of code — including full libraries of slash commands and built-in tools. Within hours, the repository had been forked over 41,500 times, effectively making Anthropic's accidental disclosure permanent.

How It Happened

Map files are development tools that link compiled or bundled code back to its original TypeScript source — useful for debugging, but never meant for production packages. Anthropic's build configuration apparently failed to strip the map before publish, and that map pointed directly to the archived source.

The exposed code isn't entirely new territory. Reverse-engineering efforts had already produced partial reconstructions of Claude Code, and the site CCLeaks.com had been documenting previously undisclosed features. The leak serves as an authoritative, up-to-date snapshot for researchers who were already digging into Claude Code's internals.

Implications

The accidental release doesn't expose API keys or user data, but it does hand competitors and security researchers a detailed view of Claude Code's architecture — its internal tool design, command structure, and implementation choices. For a company competing aggressively in the AI coding assistant space, that's a meaningful loss of proprietary advantage.

Anthropic has not issued a public statement about the leak. The forked repository remains publicly accessible.