Claude Code's Unplanned Transparency Day: 512K Lines of 'Oops' Hit npm

Anthropic accidentally dropped nearly the entire kitchen sink onto npm this week. A misconfigured source map file bundled with Claude Code version 2.1.88 spilled roughly 60 megabytes of internal goodies — about 512,000 lines of TypeScript across 1,906 files — giving developers a rare peek under the hood of one of the company's flagship commercial products. For those keeping score at home, that's roughly the equivalent of leaving your diary open at a crypto conference and hoping nobody reads it aloud.

Chaofan Shou, a software engineer interning at Solayer Labs, first spotted the leak, which promptly went viral across X and GitHub as devs rushed to dissect the codebase. Within minutes, the timeline was flooded with screenshots of developers geeking out over someone else's code like it was a limited edition sneaker drop. The vibe was less "security incident" and more "Christmas morning for nerds."

So what did the internet find? For starters, Claude Code runs on a three-layer memory system built around a lean file called MEMORY.md that stores quick references rather than full context. More detailed project notes live elsewhere and get pulled in only when relevant, while past session history gets searched selectively instead of loading all at once. The system also checks its memory against actual code before taking action — a design choice aimed at reducing hallucinations and bad assumptions. Basically, it's like having a note-taking system that actually knows when to shut up and look at the code instead of yapping about things it half-remembers.

The code also hints Anthropic's been cooking up a more autonomous version than what's currently available. A feature repeatedly referenced as KAIROS appears to describe a daemon mode where the agent keeps running in the background rather than waiting for direct prompts. Another process called autoDream handles memory consolidation during idle time by reconciling contradictions and converting tentative observations into verified facts. Imagine your AI assistant doing homework while you sleep — except it's not cramming for a test, it's just vibing and organizing its own thoughts like some kind of digital monk.

Developers also spotted dozens of hidden feature flags, including references to browser automation through Playwright. Because apparently Claude Code wants to click buttons on websites just like the rest of us degenerates scrolling through X at 3 AM. The feature flags were scattered throughout the codebase like easter eggs, except instead of chocolate, you get potentially game-changing functionality hidden behind boolean variables that nobody was supposed to see.

The leak also exposed some internal model naming conventions. Capybara apparently refers to a Claude 4.6 variant, Fennec corresponds to an Opus 4.6 release, and Numbat remains in prelaunch testing. Internal benchmarks showed the latest Capybara version with a false claims rate of 29% to 30%, up from 16.7% in an earlier iteration. The code also referenced an assertiveness counterweight designed to keep the model from getting too aggressive when refactoring user code. That's right, someone at Anthropic literally had to program a feature to stop their AI from being too mean when it touches your precious spaghetti code. The struggle is real.

One of the spicier discoveries: a feature described as Undercover Mode. The recovered system prompt suggests Claude Code could contribute to public open source repos without revealing AI was involved. The instructions specifically tell the model to avoid exposing internal identifiers, including Anthropic codenames, in commit messages or public git logs. Nothing says "I am a normal human developer" quite like your AI stealth-contributing to a repo at