512,000 lines of Claude Code's own CLI source code have leaked due to 'human error', but the company says 'no sensitive customer data or credentials' were exposed

Claude Code has become one of the modern darlings of the vibe coding revolution, being a terminal-based coding assistant that's been used for a raft of creative software projects, including a, err, game created by a dog.

Unfortunately for Anthropic, the company behind the AI coding whizz, the latest package also included a source map file—allowing access to its own command line interface (CLI) source code.

The leak was first spotted by security researcher Chaofan Shou, and posted on X with a (now defunct) link to the files. According to Ars Technica, the codebase was then transferred to a public GitHub repository, and has since been forked tens of thousands of times.

Of course, it could be worse. The source code does not pertain to the models themselves, but instead the command line interface that interacts with them.

However, reports indicate that the leak contains almost 2,000 TypeScript files and more than 512,000 lines of code, which means it's primed to give AI coding enthusiasts an insight into how Claude Code operates.

A statement has since been released by an Anthropic spokesperson to multiple outlets, including VentureBeat, regarding the error. The statement reads:

"Earlier today, a Claude Code release included some internal source code. No sensitive customer data or credentials were involved or exposed. This was a release packaging issue caused by human error, not a security breach. We're rolling out measures to prevent this from happening again."

Despite the leak being less than a day old, some have already taken to pulling the code apart to see exactly how the Claude Code sausage is made. Discoveries so far include an "insanely well-designed" memory system made in a three-layer design, which is described as "self-healing memory".

Which sounds like the sort of intellectual property that Anthropic would be very keen to keep under wraps. And while its customer data appears to remain secure, it's the second reported data leak from the company in the past week—which likely won't do much good to the company's position among an increasingly crowded AI market.