Claude Code Source Leaked via npm Map File

Source: Tweet + https://pub-aea8527898604c1bbb12468b1581d95e.r2.dev/src.zip Author: @Fried_rice Date: 2026-03-31

Summary

Tweet announcing that Claude Code’s source code was inadvertently exposed via a map file included in their npm registry package. This enabled reverse engineering of how Claude Code actually works.

Key Claims

  • The leak: Anthropic’s Claude Code npm package included source map files that allowed decompilation of the minified JavaScript.
  • What was discovered: (per follow-up tweets) the agent architecture, tool implementation, safety checks, and context management details.
  • The KV cache fork-join: apparently Claude Code uses KV cache forking to share context efficiently across subagents.
  • Negative sentiment tracking: Claude Code silently logs when users express frustration (is_negative: true) without changing behavior.
  • Anthropic’s response: patched the npm package quickly.

Connection to Other Sources

Provides source material for Claude Code Analysis and Harness Engineering themes.

Entities

Concepts