Indonesian Political, Business & Finance News

512,000 Lines of Anthropic's Claude AI Code Leaked Due to a Small 60 MB File

| By Reska K. Nistanto | Source: KOMPAS Translated from Indonesian | Technology
512,000 Lines of Anthropic's Claude AI Code Leaked Due to a Small 60 MB File
Image: KOMPAS

KOMPAS.com - The artificial intelligence (AI) company Anthropic faced another leak incident on Thursday (1/4/2026). This time, it involved their development tool, Claude Code CLI.

The leak occurred due to an error in a software package released via NPM (Node Package Manager), which unintentionally included an exposed source map file.

This file allowed the public to reconstruct the original source code from the production version, thereby granting access to the internal system logic—something considered highly sensitive in AI industry practices.

Through this file, more than 512,000 lines of TypeScript code from around 1,900 internal files could be accessed in a human-readable format.

Within hours of the discovery being publicised, the code was reported to have been downloaded, copied, and archived by the developer community on various open platforms.

Although it did not include AI model weights or user data, this leak is still deemed serious as it exposes the “internal kitchen” of Anthropic’s AI system.

It contains various critical components, from system prompts that govern AI behaviour, agentic function architectures, to unreleased internal APIs.

Additionally, inter-process communication protocols and the encryption mechanisms used were also exposed. For industry players, such information is not merely technical but can serve as a blueprint revealing how a modern AI system is designed, operated, and secured.

However, in this case, a packaging error led to the file being distributed. The incident is viewed as a fundamental oversight amid the intense competition in the AI industry.

The impact spread rapidly. The developer community quickly archived the code on various platforms, including GitHub, accelerating an uncontrollable dissemination.

In the open internet ecosystem, even a short time lag is sufficient for sensitive data to spread widely.

Some parties have even copied and rewritten the leaked code into other languages, such as Python, with different structures and implementations.

In this situation, the rewritten code is no longer considered a direct copy, making it far more difficult to legally demand its removal.

In other words, even if the original source is deleted, the “knowledge” contained within it has already spread and is hard to control.

This incident marks the second leak experienced by Anthropic within the last year.

Previously, there was also a data leak encompassing information on the launch plans for the Claude Mythos AI model. That leak occurred due to issues with the company’s content management system (CMS).

View JSON | Print