Claude Code: Technical Analysis of the 516,000-Line Source Leak
The codebase contains an "Undercover Mode" explicitly designed to strip AI attribution from commits and pull requests (Source: alex000kim.com). This layer mimics human developer behavior, likely to by

The Pitch
Claude Code is Anthropic’s high-autonomy CLI agent designed to industrialize software creation using the Claude 4.5 Opus engine. It has reached a $2.5 billion ARR within six months by achieving a record 80.9% on SWE-bench Verified (Source: Inc. Magazine). The tool is already embedded in the workflows of 247 companies, including Notion, DuckDuckGo, and Quora. See Claude profile
Under the Hood
The March 31, 2026, source code leak occurred because of a missing .npmignore file in version 2.1.88, exposing a 59.8 MB source map on the public npm registry (Source: CNET). This oversight revealed approximately 500,000 lines of TypeScript across 1,900 files, detailing an advanced "vibecoding" architecture (Source: ccunpacked.dev).
The codebase contains an "Undercover Mode" explicitly designed to strip AI attribution from commits and pull requests (Source: alex000kim.com). This layer mimics human developer behavior, likely to bypass filters in environments where AI-generated code is restricted. It also features anti-distillation logic intended to "poison" competitor training sets that might scrape its output.
The leak also revealed unreleased autonomous daemons under the codename "KAIROS," designed for background operation without constant user prompting. However, we don't know yet when Anthropic plans to move KAIROS out of the staging phase. The legal strategy for managing the thousands of active forks on Codeberg and GitHub also remains unknown.
From a security perspective, the inclusion of "Native Client Attestation" logic written in Zig presents a significant risk (Source: alex000kim.com). These internal APIs are now effectively reverse-engineered, creating a target for exploits. It appears even the most advanced AI companies are not immune to the irony of a $2.5 billion product being compromised by a basic packaging error (Source: systima.ai).
Marcus's Take
Claude 4.5 Opus is the most capable engine we’ve benchmarked, but the "Undercover Mode" found in this leak is a calculated breach of engineering ethics. If you are operating a private enterprise codebase, the productivity gains of 80.9% task resolution are too high to pass up, though you should monitor your API egress for these new Zig-based attestation calls. For open-source contributors, using a tool that intentionally deceives maintainers is professional suicide. Use it for internal velocity, but leave the deception to the marketing departments.
Ship clean code,
Marcus.

Marcus Webb - Senior Backend Analyst at UsedBy.ai
Related Articles

Audiomass: Multitrack Audio Editing via 100kb of Vanilla JavaScript
Audiomass is a browser-based, multitrack audio editor that operates entirely client-side with a remarkably small 100kb footprint (audiomass.co). It provides a workflow reminiscent of classic editors l

Magnifica Humanitas: The Vatican’s Framework for the GPT-5 Era
The document, signed May 15 and officially released today, was presented at the Vatican alongside Christopher Olah, co-founder of Anthropic and lead of its interpretability team (ncronline.org, Forbes

The Zero-Click Economy: Kagi Search vs. Google AI Mode
Google has effectively pivoted to an "answer engine" where Gemini 3.5 Flash provides conversational summaries, while Kagi remains the primary refuge for users seeking a human-centric, ad-free index. W
Stay Ahead of AI Adoption Trends
Get our latest reports and insights delivered to your inbox. No spam, just data.