Anthropic Leaks Highlight Security Risks and Plans for AI Agent Development

_{Photo credit: daily_creativity / Shutterstock.com}

The AI company Anthropic has spent the past week trying to contain a leak that exposed the inner workings of one of its AI tools and offered insight into how its agentic systems are being built.

The 2.1.88 update to Claude Code, the company’s coding assistant, accidentally included an internal file pointing to an archive of nearly 2,000 files and more than 500,000 lines of code, including commercially sensitive information. 

The material was soon copied onto GitHub, where it spread rapidly; a reconstructed version of the source code then became GitHub’s fastest-downloaded repository. One post linking to the code received more than 29 million views. 

Anthropic spokesperson Christopher Nulty said:

Earlier today, a Claude Code release included some internal source code. No sensitive customer data or credentials were involved or exposed. This was a release packaging issue caused by human error, not a security breach. We’re rolling out measures to prevent this from happening again.

The leak revealed significant details about how Claude Code operates, including its memory architecture, internal instructions, and references to a feature known as KAIROS, which appears to relate to an always-on agent.

Attempts to contain the leak proved difficult. Anthropic issued copyright takedown notices for 8,100 repositories before scaling them back to 96, as copies of the code continued to circulate, often rewritten using AI to evade removal.

The leak follows a separate recent incident in which thousands of Anthropic’s internal files were found on publicly accessible systems, including draft materials referencing its powerful unreleased “Mythos” and “Capybara” models, raising further questions about standards for internal controls in AI companies.