Anthropic accidentally published the source code of Claude Code — around 500,000 lines across nearly 1,900 files. The code became publicly accessible through NPM: instead of uploading the compiled version, someone uploaded the full source. A company spokesperson confirmed the incident, calling it human error.
"The leak was not the result of a security breach. No sensitive customer data or credentials were compromised. We are taking steps to prevent similar incidents in the future," the spokesperson said.
This marked the second incident in just a few days. Earlier, it emerged that around 3,000 internal files had been exposed, including a draft post about an upcoming AI model known internally as Mythos / Capybara.
Fortune reports that the published code gives Anthropic's competitors a way to study Claude's internal architecture and apply that knowledge to their own products. Some developers may also use it as a foundation to build open-source alternatives.
A similar incident involving Claude already occurred in February 2025. Anthropic removed the code from public access shortly after.