DEV Community

Lavie

The Claude Code leak proves what I've been building for months - AI architecture rules are not optional

Anthropic just accidentally published the best argument for .mdc rules

On March 31, Anthropic shipped a source map file in their Claude Code npm package. Inside: 512,000 lines of unminified TypeScript showing exactly how a production-grade AI coding agent works internally.

The developer community has been picking through it for 24 hours. I have been reading every analysis I can find, and one thing jumped out immediately:

Claude Code's own architecture validates the exact approach I have been building for the past two months.


The pattern Anthropic uses internally

Claude Code is not a thin wrapper around an API. It is a full agent harness with five key architectural patterns:

1. Persistent rule files (CLAUDE.md)

Claude Code loads a CLAUDE.md file at session start -- a markdown document containing project constraints, architectural rules, and "things to never do." Sound familiar?

This is the same concept as .mdc rules in Cursor, .github/copilot-instructions.md in GitHub Copilot, and .windsurf/rules/ in Windsurf. Every major AI coding tool has converged on the same idea: persistent, file-based architectural constraints that survive between sessions.

2. A "fail-closed" permission pipeline

Every action in Claude Code passes through a permission system that classifies operations as LOW, MEDIUM, or HIGH risk. The evaluation order is strict: Deny > Ask > Allow.

When a permission is denied, the denial gets fed back to the model as an error, so it learns to adjust its plan. Constraints must be enforced at generation time, not audited after the fact.
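
The Deny > Ask > Allow ordering and the denial-as-error feedback described above, as an added TypeScript sketch that is not taken from Claude Code's source or from this post. The rule shape, the sample policy, the default-deny for unmatched actions and the HIGH-risk escalation are assumptions made for illustration.

```typescript
// Added illustration: all names here are hypothetical, not Claude Code's own.
type Effect = "deny" | "ask" | "allow";
type Risk = "LOW" | "MEDIUM" | "HIGH";

interface Rule { effect: Effect; tool: string; pattern: RegExp; }
interface Action { tool: string; target: string; risk: Risk; }
interface Decision { effect: Effect; reason: string; }

// Constructed sample policy. Order in this array does not matter.
const RULES: Rule[] = [
  { effect: "allow", tool: "read", pattern: /^src\// },
  { effect: "allow", tool: "write", pattern: /^src\// },
  { effect: "ask", tool: "write", pattern: /\.config\.(js|ts)$/ },
  { effect: "deny", tool: "write", pattern: /(^|\/)\.env/ },
  { effect: "deny", tool: "read", pattern: /(^|\/)\.env/ },
];

// Deny > Ask > Allow: precedence is decided by effect, never by rule order,
// so a broad allow cannot shadow a narrower deny.
function evaluate(action: Action, rules: Rule[] = RULES): Decision {
  const hits = rules.filter(r => r.tool === action.tool && r.pattern.test(action.target));
  for (const effect of ["deny", "ask"] as const) {
    const hit = hits.find(r => r.effect === effect);
    if (hit) return { effect, reason: `${effect} rule ${hit.pattern} matched` };
  }
  const allowed = hits.find(r => r.effect === "allow");
  // Fail closed: an action no rule covers is denied (assumption of this sketch).
  if (!allowed) return { effect: "deny", reason: "no rule matched" };
  // Assumption: a HIGH-risk action is never allowed without confirmation.
  if (action.risk === "HIGH") return { effect: "ask", reason: "HIGH risk needs confirmation" };
  return { effect: "allow", reason: `allow rule ${allowed.pattern} matched` };
}

// The string the harness returns to the model as the tool result. A denial
// comes back as an error the model can read and plan around.
function toolResult(action: Action, approve: (a: Action) => boolean = () => false): string {
  const d = evaluate(action);
  if (d.effect === "allow" || (d.effect === "ask" && approve(action))) {
    return `OK: ${action.tool} ${action.target}`;
  }
  return `ERROR: permission denied for ${action.tool} ${action.target} (${d.reason})`;
}
```

The `approve` callback defaults to refusing, so an "ask" that nobody answers is treated as a denial rather than a silent allow.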

3. Skeptical retrieval -- never trust your own memory

The leaked code shows that Claude Code treats its own stored knowledge as "hints, not truth." Before acting on something it "remembers," it re-reads the actual source file to verify.

4. Strict Write Discipline

Claude Code only updates its memory after verified success. If a file write fails or a test breaks, nothing gets stored. This prevents the agent from "learning" incorrect patterns from its own failures.

5. KAIROS and autoDream -- where this is headed

The leaked source references an unreleased autonomous daemon called KAIROS (mentioned 150+ times). It runs background sessions and monitors GitHub webhooks even when the developer is idle. Its companion, autoDream, consolidates memory during idle time -- removing contradictions and converting observations into facts.

The rules you write today become seeds of your project's permanent architectural memory.


Why this matters for your Next.js project

The leak reveals the architecture, but not domain-specific rules. Here are three hallucination patterns I have been cataloguing:

The getSession() hallucination

// INSECURE -- reads JWT without verification
const { data: { session } } = await supabase.auth.getSession()

// SECURE -- verifies with auth server  
const { data: { user } } = await supabase.auth.getUser()

The Next.js 15 async params crash

// Compiles fine. Crashes at runtime in Next.js 15.
export default function Page({ params }: { params: { id: string } }) {
  return <div>{params.id}</div>
}

// Correct -- params is a Promise in Next.js 15
export default async function Page({ params }: { params: Promise<{ id: string }> }) {
  const { id } = await params
  return <div>{id}</div>
}

Middleware auth enforcement (false security)

Middleware runs on Edge Runtime and cannot verify Supabase JWTs. Auth enforcement must happen in layouts/pages via getUser(), not middleware.


The takeaway

The Claude Code leak is a roadmap. Anthropic built a constraint-first architecture because that is the only way to make AI coding reliable at scale.

I maintain 25 free .mdc architecture rules for Next.js 15 + Supabase + Stripe: github.com/vibestackdev/vibe-stack

Follow me for the full series on preventing AI hallucinations in modern web development.
