Claude Code Source Code Leaked on npm

On March 31, Anthropic accidentally shipped the entire source code of Claude Code to the public npm registry. A 59.8 MB JavaScript source map (meant for debugging) got bundled into the claude-code npm package. ~512K lines across ~1,900 files, exposed for hours before it was flagged on X and mirrored on GitHub.

The leak quickly turned into a treasure hunt. In the first week of April the community zeroed in on several unreleased, production-grade features hidden behind feature flags.

Plenty of other flags were spotted too — some users counted 44–46 unreleased ones, plus multi-agent swarm orchestration and a remote killswitch.

Sources: tweet