Anthropic Just Leaked Claude Code's Source. Here's What It Means for Your Vibe-Coded App.

Georgia Tech researchers just dropped a stat that should scare every vibe coder: 35 new CVEs in March 2026 were traced directly to AI-generated code.

But today, Anthropic proved the point better than any research paper could.

What Happened

Anthropic accidentally shipped a 59.8 MB JavaScript source map file in version 2.1.88 of their Claude Code npm package. That single file exposed the entire codebase: 512,000 lines of TypeScript, internal architecture details, 44 hidden feature flags, 20 unshipped features, and the exact prompts used to control the AI agent.

Within hours, the code was mirrored across GitHub, forked into open-source alternatives, and analyzed by thousands of developers. Anthropic confirmed it was "a release packaging issue caused by human error."

Human error. A source map in production. The exact same mistake AI coding tools make in your app every day.

Why This Matters More Than You Think

This isn't just an Anthropic story. It's a pattern.

Anthropic is a $30B company with a $2.5B ARR product. They have security teams, code review processes, and CI/CD pipelines. And a source map still made it to production.

Now think about what's shipping in the average vibe-coded app built with Lovable, Bolt, or Cursor:

• Source maps in production builds (the exact same error Anthropic made)
• .env files committed to public repos (your database credentials, API keys)
• Debug endpoints left active (admin panels, test routes with no auth)
• Hardcoded secrets in client-side code (visible to anyone who opens DevTools)
• No .gitignore for sensitive files (lockfiles, build artifacts, config files with credentials)

These aren't theoretical. We see them in real apps every day.

The Pattern: Three Major AI Toolchain Incidents This Month

March 2026 was brutal for AI security:

1. LiteLLM supply chain attack (March 25): A backdoored package on PyPI got 47,000 downloads in 46 minutes. The same attacker also poisoned Telnyx (742K monthly downloads). Malware was hidden in a WAV file.

2. trivy-action poisoned (March 14): A GitHub Action used for security scanning was itself compromised. The tool meant to protect you became the attack vector.

3. Claude Code source leak (March 31): 512,000 lines of production code exposed via a source map in an npm package. The AI coding tool leaked its own source code.

The tools we use to build and secure AI-generated code are themselves becoming the attack surface.

What the Leaked Code Actually Revealed

For anyone building AI agents or using Claude Code, the leaked source exposed:

• A profanity flagging system that quietly records flagged content
• 44 hidden feature flags controlling unreleased capabilities
• A three-layer memory architecture (MEMORY.md index, topic files, grep-based transcript search)
• Verification agent prompts that explicitly call out Claude's tendency to claim it verified something without actually running the check

That last one is telling. Anthropic's own internal prompts say: "reading is not verification. run it." They know their model takes shortcuts. Your vibe-coded app is built by that same model.

What You Should Do Right Now

Check your builds for source maps:

# Find source map files in your build output
find ./dist -name "*.map" -o -name "*.js.map"

# Check if your bundler is generating source maps for production
grep -r "sourcemap|sourceMap|devtool" webpack.config.* vite.config.* next.config.*

Check for exposed secrets:

# Search for hardcoded API keys and credentials
grep -rn "sk-|api_key|password|secret|token" --include="*.ts" --include="*.js" --include="*.env" .

# Make sure .env is in .gitignore
cat .gitignore | grep -i env

Check your npm packages:

# See what files are included in your package
npm pack --dry-run

# Add min-release-age to block new packages for 7 days
echo "min-release-age=7" >> ~/.npmrc

Or scan your whole app in 30 seconds: notelon.ai checks for source maps, exposed secrets, missing auth, and the other common vibe coding mistakes. Free. No signup.

The Lesson

Anthropic has 1,000+ employees, dedicated security teams, and enterprise compliance requirements. They still shipped a source map to production.

You're one person with an AI coding tool. What's in YOUR production build right now?

The gap between code generation speed and security review isn't closing. It's accelerating. 35 new CVEs from AI code in March. The tools themselves are becoming attack vectors. And the developers who need security most are the ones least likely to check.

Don't be the next leak. Scan your code before someone else does.

---

Sources: VentureBeat, Ars Technica, Fortune, Infosecurity Magazine