Research Brief

On March 31, 2026, Anthropic accidentally exposed the full source code for Claude Code when version 2.1.88 of the @anthropic-ai/claude-code npm package included a 59.8 MB source map file (.map) that contained approximately 512,000 lines of unobfuscated TypeScript across 1,900 files. Security researcher Chaofan Shou discovered the exposure and announced it publicly on X, after which the codebase was rapidly mirrored across GitHub. Anthropic confirmed the incident, stating it was "a release packaging issue caused by human error, not a security breach," with no customer data or credentials exposed.

The leak revealed KAIROS, a feature flag mentioned over 150 times in the source, representing an autonomous daemon mode that allows Claude Code to operate as an always-on background agent. It employs a process called autoDream that performs "memory consolidation" while the user is idle, merging disparate observations, removing logical contradictions, and converting vague insights into absolute facts. The source also exposed a Tamagotchi-style companion pet system called "Buddy" with a deterministic gacha system featuring species rarity, shiny variants, procedurally generated stats, and a soul description written by Claude on first hatch. The entire system is gated behind the BUDDY compile-time feature flag. Code references indicate April 1-7, 2026 as a teaser window with a full launch gated for May 2026.

The leak confirmed that Capybara (also known internally as Mythos) is a new model tier positioned above Opus, representing what Anthropic describes as "by far the most powerful AI model we've ever developed." Internal comments reveal Anthropic is iterating on Capybara v8, with Fennec mapping to Opus 4.6 and the unreleased Numbat still in testing. The code notes a 29-30% false claims rate in v8, an actual regression compared to the 16.7% rate seen in v4. The video's claims about "Opus 47" and "Sonnet 48" appear to be fabrications—no such model names appear in verified reporting. The x402 protocol is real: it's an open standard for internet-native payments that empowers agentic payments at scale, making payments possible between clients and servers. However, there is no evidence in the leaked code that Claude Code specifically integrates x402 for autonomous payments.

Anthropic did recently launch "auto mode" (not "autonomous mode" as claimed in the video), which uses AI safeguards to review each action before it runs, checking for risky behavior and signs of prompt injection. Safe actions proceed automatically while risky ones get blocked. Anthropic has designated the Native Installer (curl -fsSL https://claude.ai/install.sh | bash) as the recommended installation method because it uses a standalone binary that does not rely on the volatile npm dependency chain.