Anthropic Accidentally Published Claude Code's Full Source to npm — and the Internet Forked It Immediately

On March 31, 2026, Anthropic accidentally uploaded the complete source code of Claude Code — 512,000 lines across 1,906 TypeScript files — to the public npm registry. The package was live for several hours before being taken down. By then, dozens of copies had been archived and the community had already started building.

Within 24 hours, forks and reimplementations became some of the fastest-growing GitHub repositories ever recorded. The leaked code revealed Claude Code's architecture, tool implementations, context management strategies, and internal prompt structures — details that had been closely guarded since the product's launch.

This was the second major Anthropic leak within days. Earlier that week, a separate incident exposed references to an unannounced model codenamed "Mythos" in marketing materials, suggesting a pattern of pre-release information control failures as the company scales rapidly.

The leak has had immediate product consequences. Several independent developers have already shipped reimplementations — including Kin-Code, a Go-based binary that replicates core Claude Code functionality with multi-provider support and zero runtime dependencies. The Claude Code architecture is now effectively public knowledge, and the community is iterating on it faster than any internal team could.

For Anthropic, the damage is partly reputational (two leaks in a week suggests internal process gaps) and partly competitive (rivals can now study the exact implementation choices that make Claude Code effective). The DMCA takedowns Anthropic filed after the incident — reportedly hitting thousands of GitHub repositories — generated significant backlash from open-source communities who viewed the forks as legitimate fair use of accidentally published code.