Claude Code Source Code Leaked via NPM Source Map File
The root cause traces back to a known bug in Bun, the JavaScript runtime that Anthropic acquired in late 2025. The bug, tracked as oven-sh/bun issue 28001, causes source map files to be generated even during production builds, despite documentation stating otherwise. A single entry in .npmignore or in the package.json files field would have kept the cli.js.map file out of the published npm package; that map contained the full original TypeScript source alongside its mappings to the bundled output.
Community analysis of the 1,884 leaked files revealed significant internal details including eight unreleased features, 26 hidden commands, 32 build flags, and over 120 secret environment variables. Among the most notable discoveries were anti-distillation mechanisms designed to poison training data if competitors scraped API traffic, a native client attestation system described as DRM for API calls, and an unreleased autonomous agent mode codenamed KAIROS featuring background daemon workers and scheduled operations.
The leak also exposed an internal feature called Undercover Mode that strips all traces of Anthropic tooling when employees contribute to external repositories, raising transparency concerns about undisclosed AI-authored code in open-source projects. Security researchers noted that 23 numbered bash security checks were found in the source, including defenses against unicode zero-width space injection and IFS null-byte attacks discovered during a HackerOne review.
Anthropic responded by pulling the npm package and stating that no customer data or credentials were exposed in the incident. However, the source code had already been mirrored to multiple GitHub repositories before removal. The incident marks the company's second accidental exposure in a single week, following a separate model specification leak days earlier.
Security experts recommend that all development teams audit their build pipelines and npm publish configurations to ensure source map files and other development artifacts are excluded from production packages. Organizations using Bun should verify their builds against the known source map generation bug until an official fix is released.
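One concrete form of that audit, as an added example (not code from the article, Anthropic or Bun): inspect the set of files a package would publish, flag every .map file, report whether its sourcesContent embeds the original source, and note bundles that still carry a sourceMappingURL comment. load_tree() is for real use on the extracted output of npm pack; SAMPLE_TREE is a constructed stand-in.

```python
# Added example, not code from the article, Anthropic or Bun: audit the files an
# npm package would publish for source maps, especially ones whose
# `sourcesContent` embeds the original source. load_tree() is for real use on
# the extracted output of `npm pack`; SAMPLE_TREE is a constructed stand-in.
import json
import os
import re

SOURCEMAP_URL = re.compile(r"^//# sourceMappingURL=(\S+)", re.MULTILINE)

def load_tree(root):
    """Read every file under root into {relative_path: text}."""
    tree = {}
    for dirpath, _, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            with open(path, encoding="utf-8", errors="replace") as fh:
                tree[os.path.relpath(path, root)] = fh.read()
    return tree

def inspect_map(text):
    """Summarise one source map: how many sources it names, how many it embeds."""
    try:
        data = json.loads(text)
    except ValueError:  # not JSON; still counts as a shipped .map
        data = {}
    if not isinstance(data, dict):  # e.g. a bare JSON array
        data = {}
    sources = data.get("sources") or []
    embedded = [s for s in (data.get("sourcesContent") or []) if s]
    return {"sources": len(sources), "embedded": len(embedded),
            "leaks_source": bool(embedded)}

def audit_tree(tree):
    """Findings over {path: text}; any shipped .map file blocks publishing."""
    findings = {"map_files": {}, "map_urls": {}}
    for path, text in tree.items():
        if path.endswith(".map"):
            findings["map_files"][path] = inspect_map(text)
        elif path.endswith((".js", ".mjs", ".cjs")):
            m = SOURCEMAP_URL.search(text)
            if m:  # bundle points at a map; check that map is not shipped too
                findings["map_urls"][path] = m.group(1)
    findings["block_publish"] = bool(findings["map_files"])
    return findings

# Constructed sample: a bundled CLI published together with its map.
SAMPLE_TREE = {
    "package.json": '{"name": "example-cli", "version": "1.0.0"}',
    "cli.js": 'console.log("hi");\n//# sourceMappingURL=cli.js.map\n',
    "cli.js.map": json.dumps({"version": 3, "sources": ["src/main.ts"],
                              "sourcesContent": ["const secret = 1;"],
                              "mappings": "AAAA"}),
}
```

Run `audit_tree(load_tree(path_to_unpacked_tarball))` as a pre-publish gate and fail the pipeline when block_publish is true; a map without sourcesContent still reveals file paths and symbol names, so the gate treats any .map as a blocker.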