DEV Community

Cover image for 🚨 Claude code source code leaked?? ‼️
Muhammad Usman Awan
Muhammad Usman Awan

Posted on

🚨 Claude code source code leaked?? ‼️

#discuss #opensource #ai

🚨 Claude Code β€” Leaked Source (2026-03-31)

⚠️ Disclaimer

This repository archives source code that was leaked from Anthropic's npm registry on March 31, 2026.
All original source code remains the property of Anthropic.

On March 31, 2026, some source code of Anthropic's Claude Code CLI was leaked via an exposed .map file in their npm package.

πŸ”— Source Code: https://github.com/nirholas/claude-code

🧨 How It Leaked

Chaofan Shou (@Fried_rice) publicly disclosed the issue:

"Claude code source code has been leaked via a map file in their npm registry!"
β€” March 31, 2026

πŸ”— https://x.com/Fried_rice/status/2038894956459290963

Root Cause

Component Issue
npm Package Included a .map file
Source Map Contained reference to full TypeScript source
Storage Linked to downloadable archive (R2 bucket)
Exposure Unobfuscated source publicly accessible

🧠 Overview

Claude Code is Anthropic's official CLI tool for interacting with Claude directly from the terminal.

Capabilities

  • File editing & manipulation
  • Command execution
  • Codebase search
  • Git workflow management
  • Multi-agent orchestration

πŸ“¦ This repository contains the leaked src/ directory.

πŸ”— Source Code: https://github.com/nirholas/claude-code

πŸ“Š Leak Summary

Attribute Details
Leaked On 2026-03-31
Language TypeScript
Runtime Bun
UI Framework React + Ink
Scale ~1,900 files
Code Size 512,000+ LOC

πŸ“ Directory Structure 

src/
β”œβ”€β”€ main.tsx                 # CLI entrypoint (Commander.js + Ink)
β”œβ”€β”€ commands.ts              # Command registry
β”œβ”€β”€ tools.ts                 # Tool registry
β”œβ”€β”€ Tool.ts                  # Tool definitions
β”œβ”€β”€ QueryEngine.ts           # Core LLM engine
β”œβ”€β”€ context.ts               # Context management
β”œβ”€β”€ cost-tracker.ts          # Token tracking
β”‚
β”œβ”€β”€ commands/                # ~50 commands
β”œβ”€β”€ tools/                   # ~40 tools
β”œβ”€β”€ components/              # ~140 UI components
β”œβ”€β”€ hooks/                   # React hooks
β”œβ”€β”€ services/                # External integrations
β”œβ”€β”€ screens/                 # Full-screen UI
β”œβ”€β”€ types/                   # TS types
β”œβ”€β”€ utils/                   # Utilities
β”‚
β”œβ”€β”€ bridge/                  # IDE integration
β”œβ”€β”€ coordinator/             # Multi-agent orchestration
β”œβ”€β”€ plugins/                 # Plugin system
β”œβ”€β”€ skills/                  # Skill system
β”œβ”€β”€ keybindings/             # Key mappings
β”œβ”€β”€ vim/                     # Vim mode
β”œβ”€β”€ voice/                   # Voice input
β”œβ”€β”€ remote/                  # Remote sessions
β”œβ”€β”€ server/                  # Server mode
β”œβ”€β”€ memdir/                  # Persistent memory
β”œβ”€β”€ tasks/                   # Task system
β”œβ”€β”€ state/                   # State management
β”œβ”€β”€ migrations/              # Config migrations
β”œβ”€β”€ schemas/                 # Zod schemas
β”œβ”€β”€ entrypoints/             # Init logic
β”œβ”€β”€ ink/                     # Ink wrapper
β”œβ”€β”€ buddy/                   # Easter egg
β”œβ”€β”€ native-ts/               # TS utilities
β”œβ”€β”€ outputStyles/            # Styling
β”œβ”€β”€ query/                   # Query pipeline
└── upstreamproxy/           # Proxy config
Enter fullscreen mode Exit fullscreen mode

πŸ—οΈ Core Architecture

1️⃣ Tool System (src/tools/)

Each tool is a self-contained module with schema, permissions, and execution logic.

Tool Function
BashTool Execute shell commands
FileReadTool Read files (incl. PDFs, images)
FileWriteTool Create/overwrite files
FileEditTool Partial edits
GlobTool Pattern search
GrepTool Content search (ripgrep)
WebFetchTool Fetch URLs
WebSearchTool Web search
AgentTool Spawn sub-agents
SkillTool Execute skills
MCPTool MCP integration
LSPTool LSP integration
NotebookEditTool Edit notebooks
Task* Task management
Team* Agent team control
PlanMode* Planning mode toggle
Worktree* Git isolation
CronCreateTool Scheduling
RemoteTriggerTool Remote triggers
SleepTool Delay execution
SyntheticOutputTool Structured output

2️⃣ Command System (src/commands/)

Slash commands used in CLI:

Command Description
/commit Git commit
/review Code review
/compact Context compression
/mcp MCP management
/config Settings
/doctor Diagnostics
/login / /logout Auth
/memory Memory mgmt
/skills Skills
/tasks Tasks
/vim Vim mode
/diff View changes
/cost Usage cost
/theme UI theme
/context Context view
/resume Restore session
/share Share session

3️⃣ Service Layer (src/services/)

Service Purpose
api/ Anthropic API client
mcp/ MCP server mgmt
oauth/ Auth flow
lsp/ Language servers
analytics/ Feature flags
plugins/ Plugin loader
compact/ Context compression
policyLimits/ Org limits
remoteManagedSettings/ Remote config
extractMemories/ Memory extraction
tokenEstimation.ts Token counting
teamMemorySync/ Sync

4️⃣ Bridge System (src/bridge/)

Connects CLI ↔ IDE (VS Code, JetBrains).

  • bridgeMain.ts β€” main loop
  • bridgeMessaging.ts β€” protocol
  • bridgePermissionCallbacks.ts β€” permissions
  • replBridge.ts β€” REPL bridge
  • jwtUtils.ts β€” authentication
  • sessionRunner.ts β€” execution

5️⃣ Permission System

Located in: src/hooks/toolPermission/

  • Enforces permissions on every tool execution

  • Modes include:

    • default
    • plan
    • auto
    • bypassPermissions

6️⃣ Feature Flags

Dead code elimination via Bun:

import { feature } from 'bun:bundle'

const voiceCommand = feature('VOICE_MODE')
  ? require('./commands/voice/index.js').default
  : null
Enter fullscreen mode Exit fullscreen mode

Notable Flags:

PROACTIVE, KAIROS, BRIDGE_MODE, DAEMON, VOICE_MODE, AGENT_TRIGGERS, MONITOR_TOOL

πŸ” Key Files

File Description
QueryEngine.ts Core LLM engine (~46K LOC)
Tool.ts Tool system definitions
commands.ts Command registry
main.tsx CLI bootstrap + UI init

βš™οΈ Tech Stack

Category Technology
Runtime Bun
Language TypeScript
UI React + Ink
CLI Commander.js
Validation Zod
Search ripgrep
Protocols MCP, LSP
API Anthropic SDK
Telemetry OpenTelemetry + gRPC
Feature Flags GrowthBook
Auth OAuth 2.0, JWT

🧩 Design Patterns

⚑ Parallel Prefetch 

startMdmRawRead()
startKeychainPrefetch()
Enter fullscreen mode Exit fullscreen mode

Improves startup performance by parallelizing I/O.

πŸ’€ Lazy Loading

Heavy dependencies (OpenTelemetry, gRPC) are loaded only when needed.

πŸ€– Agent Swarms

  • Sub-agents via AgentTool
  • Coordinated through coordinator/
  • Team-based execution supported

🧠 Skill System

  • Defined in skills/
  • Executed via SkillTool
  • Supports custom workflows

πŸ”Œ Plugin Architecture

  • First + third-party plugins
  • Loaded dynamically via plugins/

⚠️ Final Disclaimer

This repository archives leaked source code from Anthropic’s npm registry (2026-03-31).
All rights belong to Anthropic.

Top comments (1)

Collapse
 
embernoglow profile image
EmberNoGlow

imho This repository may be removed due to copyright infringement. Incidentally, this code has already been rewritten for Python and Rust