Anthropic Claude Code Source Leak Exposes Security Risks

Anthropic accidentally leaked the source code for its Claude Code AI agent, revealing sensitive details including its permission model, security validators, and unreleased feature flags. This exposure allows competitors to clone its functionality and creates new attack vectors for malicious actors. The leak occurred alongside a separate malware injection in the npm registry, potentially exposing users to both the AI code and unrelated malware. Security experts warn that the incident highlights the need for stricter vendor evaluation and robust security practices when deploying AI development tools, especially concerning the provenance and permissions of AI-generated code.