How did Anthropic’s Claude Code leak spread?

Claude Code source leak triggers takedown requests and accidental GitHub fallout

Anthropic’s Claude Code AI coding tool was exposed when its source code briefly appeared online following what Anthropic described as human error. The immediate issue wasn’t just the leak itself—it was the speed and scale of downstream copying, which drove Anthropic to pursue containment actions.

According to the provided stories, Anthropic issued copyright takedown requests aimed at removing copies of the leaked Claude Code instructions. That response appears to have worked only partially: in one case described in the pool, a GitHub cleanup effort intended to target leaked code also resulted in the removal of many legitimate GitHub forks. The story frames this as an unintended consequence of the takedown process rather than a targeted “kill switch” for specific repositories.

So the sequence looks like this:

1) Source code for Claude Code was accidentally exposed. 2) Others copied or forked it quickly. 3) Anthropic used copyright takedown requests to try to remove copies. 4) The takedowns accidentally caught legitimate forks, showing how broad automated enforcement can be.

This matters for the enterprise AI and open-development community because AI coding tools sit at the intersection of proprietary products and developer ecosystems where forks are common and often harmless. When enforcement actions are fast and wide-ranging, they can create collateral damage that affects legitimate maintenance, auditing, and interoperability efforts.

For teams using agentic coding tools, the incident also reinforces an operational reality: source-map artifacts and other bundles can expose more than intended during releases, especially when build tooling or packaging mistakes occur.

The pool also notes that details about Anthropic’s internal “Kairos” updates emerged from the leaked code, adding another layer of significance beyond mere security exposure.