After Anthropic released the 2.1.88 update of Cloud Code, users immediately discovered that it included a package containing a source map file containing the TypeScript codebase, a person at X drew attention to the leak and posted the file containing the code. The leaked data reportedly includes more than 512,000 lines of code and offers a look at the inner workings of the AI-powered coding tool, as previously reported. Ars Technica And venturebeat.
Although Anthropic later fixed the issue, it did not stop users from copying the code to the repository on GitHub, which has since accumulated more than 50,000 forks (or copies of the repository). Anthropic launched Cloud Code in February 2025, and the tool gained more momentum after adding agentic capabilities that act on the user’s behalf.
“Earlier today, the cloud code release included some internal source code. No sensitive customer data or credentials were included or exposed,” Anthropic spokesperson Christopher Nulty said in an emailed statement. The Verge. “This was a release packaging issue caused by human error, not a security breach. We are taking measures to prevent this from happening again.”
Gartner AI analyst Arun Chandrasekaran explains The Verge While the cloud code leak has risks such as “providing bad actors a potential outlet to bypass guardrails”, its long-term impact may be limited to “a call to action for Anthropic to invest more in processes and tools for better operational maturity.”
<a href