Anthropic's Claude Code Update Exposes Unfinished Features in Source Code Leak

A recent update to Anthropic's Claude Code, an AI-powered programming tool, inadvertently exposed its internal TypeScript codebase. The leak, stemming from a source map file included in the 2.1.88 release, provided a rare glimpse into the project's development, revealing over half a million lines of code.

Independent developers examining the code report evidence of several unreleased capabilities. These include a conceptual feature resembling a digital companion that would interact with a user's coding activity, and a system referred to as "KAIROS" designed to operate as a persistent background agent. The code also contained internal developer notes, with one engineer questioning the value of a specific performance optimization technique.

Anthropic confirmed the incident was a packaging error. "Earlier today, a Claude Code release included some internal source code. No sensitive customer data or credentials were involved or exposed," said spokesperson Christopher Nulty. "This was a release packaging issue caused by human error, not a security breach."

Despite the company's swift fix, the code was widely copied to GitHub, amassing tens of thousands of forks. Analysts note the event highlights growing pains for AI companies scaling their development operations. While the exposed code could theoretically aid those seeking to circumvent system safeguards, the primary consequence may be internal. The leak serves as a pointed reminder for Anthropic, and the industry at large, to strengthen software deployment and source control protocols as these tools evolve from research projects into commercial products.

Source: The Verge