AI Intel: Claude Code's 512K-Line Source Leak, Microsoft Makes GPT and Claude Work Together, Capybara Revealed

Anthropic just had its worst security day of the year. A 60 MB source map file shipped inside Claude Code's npm package exposed the entire codebase — 1,900 TypeScript files, 512,000+ lines of code, and a treasure trove of unreleased features that Anthropic definitely didn't want you to see yet. Meanwhile, Microsoft quietly dropped the most interesting multi-model architecture we've seen from a major tech company.

Claude Code's Full Source Code Leaked via npm

On March 31, security researcher Chaofan Shou discovered that version 2.1.88 of the @anthropic-ai/claude-code npm package included a cli.js.map file — a 59.8 MB source map that maps the bundled JavaScript back to the original TypeScript source. Within hours, the entire codebase was extracted and uploaded to GitHub, where it racked up 1,100+ stars before most people had finished their morning coffee.

This is the second time in a year that Claude Code's source has leaked. The first incident was smaller in scope. This one is the full thing.

The numbers alone tell a story: ~1,900 files, 512,000+ lines of TypeScript, roughly 40 built-in tools, and ~50 slash commands. Claude Code runs on Bun (not Node), uses React with Ink for terminal rendering, and has a modular tool architecture where each capability — file reads, bash execution, web fetching, LSP integration — is a discrete, permission-gated plugin. The query engine alone is 46,000 lines.

For developers building AI tools, the architecture is worth studying regardless of how it surfaced. Multi-agent orchestration with spawnable "swarm" sub-agents, a bidirectional IDE bridge using JWT authentication, and a persistent file-based memory system that stores context across sessions. This is production-grade infrastructure, not a chat wrapper.

The irony writes itself: a tool designed to help engineers write better code was undone by a misconfigured .npmignore. If you ship npm packages, run npm pack --dry-run before every publish. Source maps are source code.

What the Leak Reveals: Capybara, KAIROS, and Anti-Distillation

The source code is interesting. What's hidden inside it is more interesting.

Buried in the codebase are references to a new model family codenamed "Capybara" — with three tiers: capybara, capybara-fast, and capybara-fast[1m]. Anthropic went so far as to encode the name using String.fromCharCode(99,97,112,121,98,97,114,97) to avoid triggering their own internal leak detectors. That level of paranoia suggests Capybara is real and close to launch.

Capybara sits above Opus in Anthropic's model hierarchy — a new class described internally as "larger and more intelligent than the Opus models." RSA's cybersecurity team has already flagged it, noting Anthropic's own draft blog warned the model "presages an upcoming wave of models that can exploit vulnerabilities in ways that far outpace the efforts of defenders." That's Anthropic saying their own model scares them.

Then there's KAIROS — referenced over 150 times in the source. Named after the Ancient Greek concept of "the right moment," KAIROS is an autonomous daemon mode. Think Claude Code running continuously in the background, watching your project, making suggestions or taking actions without being prompted. It's the clearest signal yet that Anthropic sees the future of coding tools as always-on agents, not on-demand chat.

Other finds from the leak:

For anyone running Claude Code through a third-party API endpoint, the anti-distillation flag is worth noting. If your proxy or gateway strips or modifies tool definitions, you might see different behavior than direct API users. Something to watch if you're routing Claude Code through services like KissAPI or similar OpenAI-compatible gateways.

Microsoft Makes GPT and Claude Work Together in Copilot

While Anthropic was dealing with its leak, Microsoft quietly shipped something that might matter more long-term: Copilot's new Researcher agent now uses Claude to review GPT's work.

The setup is straightforward. GPT generates a response. Claude reviews it for accuracy and quality before the user sees it. Microsoft calls this "Critique" mode. There's also a "Council" mode where both models work in parallel on the same query, and a third model judges the discrepancies between their outputs.

This is the first time a major tech company has officially shipped a multi-model architecture where rival AI providers check each other's work in production. Microsoft invested $13 billion in OpenAI, and they're using Anthropic's model to fact-check OpenAI's output. The pragmatism is almost funny.

Reuters reports Microsoft plans to make the workflow bidirectional — GPT reviewing Claude's work too. The implication is clear: no single model is good enough alone, and the companies building on top of these models know it.

For developers, this validates the multi-model routing pattern we've been talking about for months. If Microsoft is running GPT+Claude in tandem for quality, you should at least be routing different task types to different models based on their strengths. The era of "pick one model and use it for everything" is officially over.

DeepSeek Teases Something Bigger Than V3.2

A DeepSeek employee posted on social media last week teasing a "massive" new model that surpasses V3.2. The current V3.2 API already handles 128K context with competitive reasoning scores, but the web version appears to be running something different — possibly a preview of whatever's coming next.

DeepSeek's documentation now explicitly notes that "deepseek-chat and deepseek-reasoner correspond to the model version DeepSeek-V3.2 (128K context limit), which differs from the APP/WEB version." That gap between API and web usually means a newer model is being tested in production before the API gets it.

V4 has been the subject of speculation for months. If it lands with the kind of price-performance ratio DeepSeek is known for, it'll put even more pressure on the pricing structures that OpenAI and Anthropic have built their businesses around.

Quick Hits

Running Claude Code with Your Own API Key?

KissAPI gives you OpenAI-compatible access to Claude, GPT-5.4, Gemini, and 200+ models through one endpoint. Works with Claude Code, Cursor, Cline, and any OpenAI SDK. Pay-as-you-go, no subscription.

Get Started Free →