Anthropic Leaked Their Own Source Code — Twice. Nobody's Immune to Shipping Sloppy.
Anthropic — the company that charges you $200/month to use the “safest” AI on the planet — just leaked the entire source code of Claude Code through their npm package. Again.
A 60-megabyte source map file sitting right there in the published package. Containing 1,906 proprietary TypeScript source files. Internal APIs. Telemetry systems. Encryption tools. Unreleased features. Everything.
This is the company building the AI that writes your code. And they shipped a .map file to production. Twice.
What Got Leaked
Researcher Chaofan Shou discovered that Claude Code’s npm package included cli.js.map — a source map file that allows complete reconstruction of the original TypeScript source from the bundled JavaScript. Within hours, the deobfuscated code was on GitHub for the world to see.
Here’s what was inside:
- Internal API designs — how Claude Code communicates with Anthropic’s servers
- Telemetry and analytics — what data Claude Code collects about your usage
- Encryption and IPC protocols — the security mechanisms protecting your sessions
- Unreleased features, including:
  - A “Buddy AI pet” — a Tamagotchi-style AI companion with 18 species, evolving stats, and mood systems
  - “KAIROS” — a persistent, always-on AI assistant mode designed for proactive task management
The Buddy AI pet is hilarious. The security implications are not.
This Already Happened Before
In February 2025, the same thing happened with an early version of Claude Code. Source maps exposed the codebase. Anthropic pulled the package and supposedly fixed it.
Fourteen months later: same mistake, bigger codebase, more sensitive internals. The .map file was just sitting there in the npm registry, waiting for anyone to look.
Why This Matters for You
You might be thinking: “Cool story, but I don’t work at Anthropic.” Fair. Here’s why you should care:
Source Maps in Production Is a Rookie Mistake
Every web development bootcamp teaches you: don’t ship source maps to production. It’s in every deployment checklist. Every bundler has a flag for it. Webpack, Vite, esbuild, Rollup — they all default to stripping maps in production builds.
Anthropic has hundreds of engineers. They have security teams. They have code review processes. And they still shipped a 60MB source map to the public npm registry. Twice.
If they can’t catch this, what makes you think your AI-generated build config is handling it correctly?
Your Vibe-Coded App Probably Has Source Maps in Production Too
Go check. Right now. Open your deployed site and look for .map files:
curl -s https://yoursite.com/assets/index.js.map | head -c 100
If you get content back instead of a 404, congratulations — your entire source code is publicly readable. Every API endpoint. Every secret you accidentally hardcoded. Every business logic decision. All of it.
AI coding tools don’t think about build configurations. They set up a Vite or Next.js project with defaults and move on. And the defaults aren’t always production-safe.
Your Build Pipeline Is a Security Surface
Most vibe-coded apps don’t have a real build pipeline. They have “it works when I run npm run build.” No automated checks. No CI/CD. No verification that the output doesn’t contain things it shouldn’t.
A proper build pipeline would:
- Strip source maps (or restrict them to error monitoring services)
- Run npm audit before building
- Check for hardcoded secrets
- Verify environment variables are set correctly
- Run tests (if they exist, which they probably don’t)
Without this, you’re flying blind. You have no idea what’s actually in your production bundle.
What to Do About It
Check for exposed source maps:
# Find .map files in your build output
find ./dist -name "*.map" -type f
If they exist in your production build, fix your bundler config:
// vite.config.js
import { defineConfig } from 'vite';

export default defineConfig({
  build: {
    // false: emit no source maps at all.
    // 'hidden': still writes .map files into dist but omits the sourceMappingURL
    // comment; upload those maps to your error monitoring service and keep them
    // out of the deployed output.
    sourcemap: false, // or 'hidden' for error monitoring only
  },
});
Audit your npm package (if you publish one):
npm pack --dry-run
Look at what’s included. If you see .map files, test files, or anything that shouldn’t be public, add them to .npmignore or configure your package.json files field.
Set up a basic build check:
# Add to your build script
if find ./dist -name "*.map" | grep -q .; then
  echo "ERROR: Source maps found in production build!"
  exit 1
fi
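The three checks above, combined into one gate script as an added example that is not part of the original post. It goes one step further than the post's find command: it also fails when a bundled .js still carries a //# sourceMappingURL= comment, which survives even after the .map file itself is deleted and tells a reader exactly where the map was served from. It assumes POSIX sh, a build directory passed as the first argument (default ./dist), the file name build-check.sh, and npm on PATH for the optional package check.

```shell
#!/bin/sh
# Added example, not from the original post: a build gate that fails when
# source maps, sourceMappingURL pointers, or a packed .map would ship.
# Assumes POSIX sh, a build directory (default ./dist), and npm on PATH
# for the optional package check. The file name build-check.sh is assumed.

# Return 0 when no *.map file exists under $1, 1 (with a message) otherwise.
check_no_map_files() {
  dir="${1:-./dist}"
  found=$(find "$dir" -name '*.map' -type f 2>/dev/null | head -n 1)
  if [ -n "$found" ]; then
    echo "ERROR: source map found in build output: $found" >&2
    return 1
  fi
  return 0
}

# Deleting the .map file is not enough: a trailing '//# sourceMappingURL='
# comment still tells a reader that a map existed and where it was served.
# Return 0 when no .js under $1 carries that pointer, 1 otherwise.
check_no_sourcemap_pointers() {
  dir="${1:-./dist}"
  hit=$(find "$dir" -name '*.js' -type f -exec grep -l 'sourceMappingURL=' {} + 2>/dev/null | head -n 1)
  if [ -n "$hit" ]; then
    echo "ERROR: sourceMappingURL comment found in: $hit" >&2
    return 1
  fi
  return 0
}

# For published packages: what `npm pack --dry-run` lists is what goes to
# the registry. Return 1 if any .map would be included.
check_npm_pack() {
  command -v npm >/dev/null 2>&1 || { echo "npm not on PATH" >&2; return 1; }
  if npm pack --dry-run 2>&1 | grep -E '\.map([[:space:]]|$)'; then
    echo "ERROR: .map would be published; fix the files field or .npmignore" >&2
    return 1
  fi
  return 0
}

# Run the directory checks when executed directly; skipped when sourced.
if [ "${0##*/}" = "build-check.sh" ]; then
  check_no_map_files "${1:-./dist}" || exit 1
  check_no_sourcemap_pointers "${1:-./dist}" || exit 1
  [ "$2" = "--npm" ] && { check_npm_pack || exit 1; }
  echo "build output clean"
fi
```

Wire it in as `sh build-check.sh ./dist` after `npm run build` (add `--npm` when you publish a package) so a non-zero exit blocks the deploy.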
The Lesson
Anthropic is a $60 billion company with world-class engineers, and they shipped source maps to production. Twice. In the same product. After being publicly embarrassed the first time.
Security isn’t about being smart enough to never make mistakes. It’s about having systems that catch mistakes before they ship. Checklists. Automated checks. CI/CD gates. Code review with security awareness.
Vibe-coded apps have none of these systems. And the AI tools building them don’t know to set them up.
Your AI can write code fast. It can’t think about what shouldn’t ship. That’s still your job.
Worried about what’s exposed in your production build? Drop your URL for a free surface scan — we’ll check for source maps, exposed configs, and other things you didn’t know were public.