Anthropic accidentally exposed more than 500,000 lines of internal code tied to its Claude Code tool, then spent the next day issuing takedowns as copies spread across developer platforms.
This is the tech version of Coke dropping its formula online and hoping nobody saved it.
A security researcher flagged the issue within hours, and copies of the code began circulating almost immediately. Links spread across GitHub and social media, and the files were downloaded and reposted before the company could react.
Anthropic confirmed the leak and said no customer data or credentials were exposed.
“Earlier today, a Claude Code release included some internal source code… No sensitive customer data or credentials were involved or exposed.”
Anthropic says the leak did not include the model weights behind Claude. The release included internal instructions and software layers that guide how the tool performs tasks and connects to other systems.
The leaked code shows how Claude Code breaks down tasks, carries them out, and manages longer workflows. That internal structure allows the tool to execute multi-step tasks and interact with other software, which is now visible to anyone who downloaded the files.
By the next day, Anthropic had issued thousands of copyright takedown requests as copies spread across GitHub and related platforms. The effort quickly expanded, reaching more than 8,000 versions and adaptations of the leaked code as developers shared and modified what they had downloaded.
“This was a release packaging issue caused by human error, not a security breach. We’re rolling out measures to prevent this from happening again.”
The exposed material includes internal instructions and tools that guide how Claude Code operates. That information gives competitors a roadmap to replicate features they would otherwise have to build through trial and error.
It gives security researchers and bad actors new material to probe for weaknesses or manipulate how the system behaves. Anthropic’s own models have been described as capable of identifying software vulnerabilities.
The takedown push also swept too broadly. Some of the notices reached repositories that were not responsible for the original leak, including projects tied to Anthropic’s own public code. The company later scaled back those requests after acknowledging the initial sweep extended beyond the intended targets.
Read More: Trump Administration Blacklists AI Firm Anthropic. Now the Company Is Suing the Pentagon.
Senate Clears ChatGPT for Staff but Anthropic’s Claude Is Nowhere on the List
By that point, the code was already in circulation. Developers had copied, shared, and in some cases begun adapting what they found, with new versions appearing even as takedown requests were issued.
Claude Code has gained traction with businesses and developers because of how it handles complex coding tasks and manages multi-step work. The exposed material shows how the system handles those tasks while lowering the barrier for others trying to match those capabilities.
Anthropic can remove copies from major platforms, but it cannot put the code back in the box once it has spread beyond its control. For a company reportedly weighing an IPO, questions are already surfacing after two disclosures in one week, and “please ignore the leaked source code” is not much of a roadshow pitch.
Editor’s Note: Do you enjoy RedState’s conservative reporting that takes on the radical left and woke media? Support our work so that we can continue to bring you the truth.
Join RedState VIP and use the promo code FIGHT to get 60% off your VIP membership!
