Anthropic Just Leaked Claude Code's Source. Here's What That Means for Every AI Agent You Run. - DEV Community

This page discusses a major security incident where Anthropic accidentally published Claude Code version 2.1.88 to npm with a 59.8 MB JavaScript source map exposing 512,000 lines of unobfuscated TypeScript code across 1,900 files. The entire codebase was mirrored on GitHub within hours, with a clean-room reimplementation reaching 50,000 stars in record time. This was Anthropic's second security breach in five days, following a CMS misconfiguration that exposed 3,000 internal files. The article emphasizes that AI agent security governance—including tool access restrictions, input validation, output filtering, and behavioral controls—is critical regardless of whether an agent's architecture is publicly known.