Apr 2026 ai 3 min read

The Claude Code Leak

The Claude Code Leak

As you might have heard, the entire Claude Code source code has been leaked via a map file in their code registry. It was discovered by security researcher Chaofan Shou (@shoucccc) on March 31, 2026.

The code base is in TypeScript, and it has approximately 1,900 TypeScript files, 512,000 lines of code, 40 built-in tools and 50 slash commands. Claude Code is the most popular and influential AI Agent, it is widely used throughout the world.

What’s a map file?

For those that are not familiar with TypeScript, a map file (specifically a source map) is a debugging tool used to bridge the gap between production code and your original source code. Because TypeScript is transpiled to JavaScript, when you build a TypeScript project, your tools (like Webpack or Bun) often minify, bundle, or transpile the code to make it faster and compatible with browsers. This obfuscates the original code to be human-unreadable, and the map file acts as a translator that maps the unreadable production code back to its original, readable source.

An Anthropic employee accidentally included a 60MB source map file (cli.js.map) in a version of the Claude Code package published to the public npm registry.

Security researchers were able to reconstruct approximately 512,000 lines of proprietary TypeScript source code.

Developers typically add *.map to their .npmignore file or use the files field in package.json to ensure debug files don’t ship with the final package. In this case, due to an unfortunate human error, debug files are included in the final package.

Where can I see the code?

Unsurprisingly, the repo that contains the source code has been taken down due to the DMCA notice immediately, but it already has thousands of forks, and it has been ported to Python and Rust. I guess because the rewrites of the original TypeScript code are not covered by DMCA and can’t be taken down.

Somewhat amusingly, the reason it’s possible to port a large production quality code base from one language to another in a couple of hours is due to vibe coding. According to the developers, The whole thing was orchestrated end-to-end using oh-my-codex (OmX) by @bellman_ych — a workflow layer built on top of OpenAI’s Codex (@OpenAIDevs).

It’d be really ironic if the whole thing was also orchestrated end-to-end using Claude Code.

The lesson of the day

Claude Code is the probably the best AI Agent currently, and it still suffered a major security failure. In this case, it is due to human error. This just goes to show that humans are still the weakest link when it comes to making secure software.

↑ Back to top More writing →