22:18
Yesterday, the most ironic thing ever happened. Anthropic, a $380 billion startup that built on the idea of safety first, that advocates for closed-source software for the supposed benefit of humanity, a company Elon calls misanthropic, whose logo is definitely not a sphincter, whose CEO has been warning us for years that human programmers will be replaced by AI in 6 months, it just accidentally leaked Claude Code's entire source code to the internet at 4:00 a.m., officially making Anthropic more open than OpenAI. Within minutes of the leak, Xiaofan Shao, a security researcher, discovered that version 2.1.88 of the Claude Code NPM package was shipped with a 57 MB source map file.
You know, that file that's only used in development with the full readable source code of your project. This holy grail of leaks, containing over 500,000 lines of TypeScript code, it quickly spread across the internet like wildfire. Anthropic's legal team courageously issued DMCA takedowns, but by the time they woke up in San Francisco, it was already too late. The code was mirrored countless times and cloned by slop tubers like Fireship, which the Supreme Court says I can do legally, by the way, as a world-renowned journalist. I know a lot about the law and various other lawyering. Um In today's video, we'll look at all of the incredible discoveries in the code that Anthropic doesn't want you to know about, like its
anti-distillation poison pills, its mysterious unreleased features, its undercover mode, its regular expression-based frustration detector, and many other super secret techniques at the foreskin of AI research. No, this is not an April Fools' Day joke. It is April 1st, 2026, and you are watching The Code Report. Unfortunately, my lawyer just informed me that showing you Anthropic's TypeScript code would be a violation of my parole. And I refuse to go back to jail. But luckily, the open-source community has already created a loophole. Ironically, Claude's most prolific user used OpenAI Codex to rewrite Claude Code's TypeScript code to Python code, resulting in a new, barely legal project called Claw Code. And it's already become the fastest repo in
history to surpass 50,000 GitHub stars. Not only that, but somebody else lot work the leaked code and made it work with any model. They're calling this new project open Claude and it makes projects like open code completely obsolete. But maybe now that the code's out in the open, Anthropic will just make it open source. If somebody tried to make a pull request with the leaked code, but not surprisingly, it looks like Anthropic already deleted it. What a mother effing crazy 24 hours. But how did this code end up leaked first place? Well, as I mentioned, the source map was accidentally packaged in an NPM release. But that's weird because build tools normally strip out source maps
automatically. Well, Claude code is built on Bun JS, which as you might recall, was recently acquired by Anthropic. And it just so happens that about 3 weeks ago, somebody opened up an issue on GitHub about Bun JS serving source maps in production. Wouldn't it be ironic if the fastest JavaScript runtime in the world also turned out to be the fastest way to ship your entire code base to the internet? It's unclear if that was the root cause, and it's also possible that some unfortunate developer did this by accident, or perhaps some rogue developer did it on purpose. We may never know the truth, but now it's time for the fun part. What did we actually learn from the leak?
Well, first, we learned that Claude uses Axios. If you subscribe to my channel, then you know that Axios was compromised by North Korean hackers yesterday. The exploit can install a remote access Trojan on anyone using this package. And in theory, if that happened on Anthropic servers, it could be a massive disaster. But the next thing we learned is that Claude code is basically just a dynamic prompt sandwich glued together with TypeScript, and not some magical piece of futuristic technology. In a basic AI chatbot, you typically have a hidden system prompt that gets combined with your prompt, then the base model uses statistics to regurgitate a bunch of data it stole from the internet. But in
Claude code, things are far more complex with a total of 11 steps from input to output. If somebody already vibe coded a website that breaks down every step, but the most interesting part about this code base is that it contains tons of hard-coded instructions and guardrails that basically beg Claude to please don't do anything weird. Like there's just file after file of these massive hard-coded strings telling Claude to be a good boy. And that's kind of surprising because if this code were ever leaked, it would instantly turn from a black box into a blueprint for Claude's competition. And ironically, that's exactly what happened. What makes that even more funny though is that Claude was actively trying to stop their
competition from copying Claude code by implementing anti-distillation poison pills. It does that by pretending that certain tools exist when in reality they don't exist at all. You're a big fat phony. That means if you're some Chinese guy trying to train a new model on Claude's outputs, it's going to talk about tools that don't exist, which will point your model in the wrong direction and just make it suck. In reality, Claude code only uses about 25 different tools or so. And now the Claude distillers know exactly what to look for and they're likely going to have a field day with the bash tool. This file contains over a thousand lines of code that helps the large language model reliably parse and execute bash
commands, which might be the single most important feature in an AI coding assistant. The next thing we need to talk about though is undercover mode, which is a set of instructions that tell Claude to never mention itself in commit messages or outputs, where the main idea is to make the outputs look as human as possible. The stated purpose of this feature is to prevent things like model code name leaks, but many have speculated that the true purpose is more deceptive. Like they're trying to covertly use Claude in open source projects, so AI code doesn't get scrutinized when it breaks things catastrophically. A very misanthropic idea indeed, but the irony continues.
Another funny thing found in the code is its regex frustration detector. Your state-of-the-art AI model uses simple regular expression matching against your prompt to look for keywords like balls, and so on to determine if you're not having a good experience coding with Claude. If it detects a match, it'll simply log an event. The bottom line here is that we're not looking at some sort of alien super intelligence, but rather basic programming concepts that have been around for 50 years combined with a bunch of prompt spaghetti. It's all just an illusion. On top of that, this code base has a ton of comments, a lot more comments than you would typically find in a human-written code base. And what that tells us is that these comments
aren't actually written for humans, but rather for the AI to write its own AI coding tool in an infinite loop. But perhaps the biggest problem about this leak for Anthropic is not the code itself, but rather the feature names and roadmap hidden within the code. Like there's a hidden capability under a feature flag called buddy, which appears to be a new Tamagotchi-style companion that every developer can customize and raise like a little digital pet. This might just be Anthropic's April Fools' Day joke, but there are also references to Opus 4.7 and a new model called Capybara, which might be their new recently teased Mythos model. There's also things like Ultra Plan, Coordinator
Mode, and Demon Mode, but perhaps the most interesting is Kairos, which is a Greek word for an exact moment in time or God's time. I hate to beat off a dead horse here, but it's a bit ironic that Anthropic didn't get to reveal Kairos at the exact time it wanted to, and instead God chose the right time. The feature itself seems to be some kind of background agent that keeps a daily journal, uses dream mode to consolidate memories, and does work for you in the background on a specific schedule. Pretty cool, but at the end of the day, this leak is a pretty huge setback for Anthropic, which hopes to IPO later this year and offload their bags to the retail public. And it's yet another reminder that your top secret
application is just one NPM publish away from becoming open source, whether you like it or not.
