Tragic mistake... Anthropic leaks Claude’s source code

Yesterday, the most ironic thing ever happened. Anthropic, a $380 billion

happened. Anthropic, a $380 billion startup built on the idea of safety first that advocates for closed source software for the supposed benefit of humanity, a company Elon calls

Missanthropic, whose logo is definitely not a sphincter, whose CEO has been warning us for years that human programmers will be replaced by AI in 6 months. It just accidentally leaked

months. It just accidentally leaked Claude Code's entire source code to the internet at 4:00 a.m. officially making

Anthropic more open than Open AI. Within

minutes of the leak, Chiao Fan Sha, a security researcher, discovered that version 2.1.88 of the Claude Code MPM package was shipped with a 57 megabyte source map file. You know, that file

that's only used in development with the full readable source code of your project. This holy grail of leaks

project. This holy grail of leaks containing over 500,000 lines of Typescript code, it quickly spread across the internet like wildfire.

Anthropic's legal team courageously issued DMCA takedowns. But by the time they woke up in San Francisco, it was already too late. The code was mirrored countless times and cloned by slop tubers like Fireship, which the Supreme

Court says I can do legally, by the way, as a worldrenowned journalist.

>> I know a lot about the law and various other lawyerings. In today's video,

other lawyerings. In today's video, we'll look at all of the incredible discoveries in the code that Anthropic doesn't want you to know about, like its anti-distillation poison pills, its mysterious unreleased features, its

undercover mode, its regular expressionbased frustration detector, and many other super secret techniques at the foreskin of AI research. No, this

is not an April Fool's Day joke. It is

April 1st, 2026, and you're watching the code report. Unfortunately, my lawyer

code report. Unfortunately, my lawyer just informed me that showing you Anthropic TypeScript code would be a violation of my parole, and I refused to go back to jail. But luckily, the open source community has already created a

loophole. Ironically, Claude's most

loophole. Ironically, Claude's most prolific user, he used OpenAI Codeex to rewrite Claude Code's TypeScript code to Python code, resulting in a new barely legal project called Claw Code, and it's

already become the fastest repo in history to surpass 50,000 GitHub stars.

Not only that, but somebody else lopforked the leaked code and made it work with any model that they're calling this new project openclaw and it makes projects like open code completely obsolete. But maybe now that the code's

obsolete. But maybe now that the code's out in the open, Anthropic will just make it open source. Somebody tried to make a pull request with the leaked code. But not surprisingly, it looks

code. But not surprisingly, it looks like Anthropic already deleted it. What

a mother effing crazy 24 hours. But how

did this code end up leaked in the first place? Well, as I mentioned, the source

place? Well, as I mentioned, the source map was accidentally packaged in an npm release. But that's weird because build

release. But that's weird because build tools normally strip out source maps automatically. Well, Claude Code is

automatically. Well, Claude Code is built on Bun.js, which as you might recall was recently acquired by Anthropic. And it just so happens that

Anthropic. And it just so happens that about 3 weeks ago, somebody opened up an issue on GitHub about bun.js serving source maps in production. Wouldn't it

be ironic if the fastest JavaScript runtime in the world also turned out to be the fastest way to ship your entire codebase to the internet? It's unclear

if that was the root cause. And it's

also possible that some unfortunate developer did this by accident. Or

perhaps some rogue developer did it on purpose. We may never know the truth,

purpose. We may never know the truth, but now it's time for the fun part. What

did we actually learn from the leak?

Well, first we learned that Claude uses Axios. If you subscribe to my channel,

Axios. If you subscribe to my channel, then you know that Axios was compromised by North Korean hackers yesterday. The

exploit can install a remote access Trojan on anyone using this package. And

in theory, if that happened on anthropic servers, it could be a massive disaster.

But the next thing we learned is that claude code is basically just a dynamic prompt sandwich glued together with TypeScript and not some magical piece of futuristic technology. In a basic AI

futuristic technology. In a basic AI chatbot, you typically have a hidden system prompt that gets combined with your prompt. Then the base model uses

your prompt. Then the base model uses statistics to regurgitate a bunch of data it stole from the internet. But in

Claude Code, things are far more complex with a total of 11 steps from input to output. that somebody already vibecoded

output. that somebody already vibecoded a website that breaks down every step.

But the most interesting part about this codebase is that it contains tons of hard-coded instructions and guardrails that basically beg Claude to please don't do anything weird. Like there's

just file after file of these massive hard-coded strings telling Claude to be a good boy. And that's kind of surprising because if this code were ever leaked, it would instantly turn from a black box into a blueprint for

Claude's competition. And ironically,

Claude's competition. And ironically, that's exactly what happened. What makes

that even more funny though is that Claude was actively trying to stop their competition from copying Claude code by implementing anti-distillation poison pills. It does that by pretending that

pills. It does that by pretending that certain tools exist when in reality they don't exist at all.

>> You're a big fat foy.

>> That means if you're some Chinese guy trying to train a new model on Claude's outputs, it's going to talk about tools that don't exist which will point your model in the wrong direction and just make it suck. In reality, Claude code

only uses about 25 different tools or so. And now the claw distillers know

so. And now the claw distillers know exactly what to look for and they're likely going to have a field day with the bash tool. This file contains over a thousand lines of code that helps the large language model reliably parse and

execute bash commands which might be the single most important feature in an AI coding assistant. The next thing we need

coding assistant. The next thing we need to talk about though is undercover mode which is a set of instructions that tell Claude to never mention itself in commit messages or outputs where the main idea

is to make the outputs look as human as possible. The stated purpose of this

possible. The stated purpose of this feature is to prevent things like model code name leaks. But many have speculated that the true purpose is more deceptive. Like they're trying to

deceptive. Like they're trying to covertly use claude in open source projects so AI code doesn't get scrutinized when it breaks things catastrophically. A very misanthropic

catastrophically. A very misanthropic idea indeed. But the irony continues.

idea indeed. But the irony continues.

Another funny thing found in the code is its regax frustration detector. Your

state-of-the-art AI model uses simple regular expression matching against your prompt to look for keywords like balls, and so on to determine if you're not having a good experience coding with Claude. If it detects a

match, it'll simply log an event. The

bottom line here is that we're not looking at some sort of alien super intelligence, but rather basic programming concepts that have been around for 50 years combined with a bunch of prompt spaghetti. It's all just

an illusion. On top of that, this

an illusion. On top of that, this codebase has a ton of comments. A lot

more comments than you would typically find in a human-ritten codebase. And

what that tells us is that these comments aren't actually written for humans, but rather for the AI to write its own AI coding tool in an infinite loop. But perhaps the biggest problem

loop. But perhaps the biggest problem about this leak for anthropic is not the code itself, but rather the feature names and road map hidden within the code. Like there's a hidden capability

code. Like there's a hidden capability under a feature flag called Buddy, which appears to be a new Tamagotchi style companion that every developer can customize and raise like a little digital pet. This might just be

digital pet. This might just be Anthropic's April Fool's Day joke, but there are also references to Opus 4.7 and a new model called Capiara, which might be their new recently teased

mythos model. There's also things like

mythos model. There's also things like ultra plan, coordinator mode, and demon mode. But perhaps the most interesting

mode. But perhaps the most interesting is Chyus, which is a Greek word for an exact moment in time or God's time. I

hate to beat off a dead horse here, but it's a bit ironic that Anthropic didn't get to reveal Chyris at the exact time it wanted to, and instead God chose the right time. The feature itself seems to

right time. The feature itself seems to be some kind of background agent that keeps a daily journal. It uses dream mode to consolidate memories and does work for you in the background on a specific schedule, but pretty cool. But

at the end of the day, this leak is a pretty huge setback for Anthropic, which hopes to IPO later this year and offload their bags to the retail public. And

it's yet another reminder that your top secret application is just one npm publish away from becoming open- source, whether you'd like it or not. And that's

why the most advanced AI labs out there use Temporal, the sponsor of today's video. When you're building an AI

video. When you're building an AI application, it's basically a giant distributed system where one flaky API can bring the whole thing to its knees.

that Temporal is an open-source durable execution platform that solves this problem. It lets you write workflows as

problem. It lets you write workflows as normal code that then handles all the plumbing for state management, error handling, and retrying failed steps. And

that's especially valuable for more complex jobs because the longer your agent runs, the more likely it is to fail and have to start over from scratch. A temporal will make sure your

scratch. A temporal will make sure your agent survives and stays on track, so it isn't forced to rerun the same steps and burn a bunch of tokens. OpenAI uses

Temporal to orchestrate their workflows for chat GPT images and codecs. And

thousands of nonAI companies like Airbnb and Coinbase use it to power every transaction. Try it out for free today

transaction. Try it out for free today at the link below. This has been the code report. Thanks for watching and I

code report. Thanks for watching and I will see you in the next one.