In the wake of Claude Code's source code leak, 5 actions enterprise security leaders should take now

After the inadvertent exposure of a 59.8 MB source map file in version 2.1.88 of the Anthropic AI npm package, security researcher Chaofan Shou found that 512,000 lines of unobfuscated TypeScript had become public. The exposed code included sensitive material such as the complete permission model, the security validator scripts, unreleased feature flags, and references to upcoming models. Despite Anthropic’s efforts to contain the leak, mirror repositories quickly spread the exposed source code.

The exposure was attributed to a human packaging error, and no customer data or model weights were compromised. The leak nevertheless raised concern across the tech community. The Wall Street Journal reported on the incident, noting Anthropic’s efforts to remove copies of the leaked code from GitHub through copyright takedown requests.

Following the exposure, programmers began rewriting Claude Code’s functionality in other programming languages, and those rewrites spread rapidly. The leak also coincided with the release of malicious versions of the axios npm package, potentially exposing organizations that installed or updated Claude Code during a specific time window.

Gartner’s analysis emphasized the need for organizations to reevaluate how they assess AI development tool vendors, particularly in light of Anthropic’s recent security lapses. The leaked code provided insights into Claude Code’s architecture, revealing key components such as the query engine, bash security validation scripts, and the AI-generated nature of the codebase.

The readable source code also revealed potential attack paths against the now-visible functionality. Security experts advised organizations to audit specific layers of the codebase to mitigate these risks.

The leak also underscored the broader issue of AI-generated code and its implications for intellectual property protection. With the leaked code now circulating publicly, organizations shipping AI-generated production code face heightened exposure to IP risk.

In response to the leak, security leaders were advised to take specific actions to strengthen their defenses and reduce risk: audit repository files, treat dependencies as untrusted, restrict permissions, and implement robust incident response policies.
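One concrete way to carry out the first of those actions is to check what actually ships in a package for source maps that embed original sources, the file type at the root of this leak. This is an added example, not Anthropic’s tooling or code from the article; the directory layout and map contents it scans are constructed for illustration.

```python
"""Audit an unpacked npm package (or a node_modules tree) for *.map files
that embed original sources via sourcesContent. Constructed example."""
import json
import os
import tempfile


def audit_source_maps(root):
    """Return sorted findings for every *.map under root as tuples of
    (relative path, size in bytes, embeds_sources, number of sources)."""
    findings = []
    for dirpath, _, filenames in os.walk(root):
        for name in filenames:
            if not name.endswith(".map"):
                continue
            path = os.path.join(dirpath, name)
            size = os.path.getsize(path)
            embeds, n_sources = False, 0
            try:
                with open(path, "rb") as fh:
                    sm = json.load(fh)
                if isinstance(sm, dict):
                    n_sources = len(sm.get("sources", []))
                    # sourcesContent carries the full original files; that is the leak vector.
                    embeds = bool(sm.get("sourcesContent"))
            except (ValueError, OSError):
                pass  # unreadable or non-JSON .map: still reported as present
            findings.append((os.path.relpath(path, root), size, embeds, n_sources))
    return sorted(findings)


def build_fixture():
    """Constructed sample package tree: one leaky map, one map without sources."""
    root = tempfile.mkdtemp(prefix="pkg-audit-")
    os.makedirs(os.path.join(root, "dist"))
    leaky = {"version": 3, "sources": ["../src/permissions.ts", "../src/validator.ts"],
             "sourcesContent": ["export const allow = () => true;", "// validator"],
             "mappings": "AAAA"}
    benign = {"version": 3, "sources": ["../src/index.ts"], "mappings": "AAAA"}
    with open(os.path.join(root, "dist", "cli.js.map"), "w") as fh:
        json.dump(leaky, fh)
    with open(os.path.join(root, "dist", "index.js.map"), "w") as fh:
        json.dump(benign, fh)
    return root


if __name__ == "__main__":
    for rel, size, embeds, n_sources in audit_source_maps(build_fixture()):
        flag = "EMBEDS SOURCES" if embeds else "map only"
        print(f"{rel}: {size} bytes, {n_sources} sources, {flag}")
```

Run it against the output of `npm pack` unpacked into a directory before publishing; any map flagged as embedding sources should be excluded from the package or stripped of sourcesContent.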

The incident served as a cautionary tale for enterprises deploying AI agents, highlighting the importance of operational discipline and vendor accountability in the evolving landscape of AI development tools. As the fallout from the leak continued, organizations were urged to prioritize security measures to safeguard their AI development processes.