Anthropic accidentally shipped a source map in their npm package, exposing the full Claude Code source. Here's what I found inside.

Hacker News is a community-driven platform for sharing and discussing technology news, startups, and programming-related topics. Through user submissions and comments, Hacker News offers insights into emerging technology trends, industry developments, and entrepreneurial ventures. Readers can participate in discussions, share their insights, and stay informed about the latest advancements in technology and innovation.

Hacker News

Anthropic accidentally shipped a source map in their Claude Code npm package, exposing the full CLI source code. Key findings include: an anti-distillation mechanism that injects fake tools into API requests to poison training data scrapers; an 'undercover mode' that hides AI authorship in open source commits with no way to disable it externally; frustration detection via regex; native client attestation implemented in Zig below the JS runtime to block third-party API access; a comment revealing 250,000 wasted API calls per day fixed with a 3-line change; and references to an unreleased autonomous agent mode called KAIROS with background daemons, GitHub webhooks, and nightly memory distillation. The leak also reveals an April Fools' Tamagotchi companion feature, sophisticated terminal rendering optimizations, 23-step bash security checks, and prompt cache economics driving architectural decisions. The exposure is attributed to a known Bun bug that serves source maps in production mode.

The Claude Code Source Leak: fake tools, frustration regexes, undercover mode, and more

Anti-distillation: injecting fake tools to poison copycats #

Undercover mode: AI that hides it’s AI #

Frustration detection via regex (yes, regex) #

Native client attestation below the JS runtime #

KAIROS: the unreleased autonomous agent mode #