How 512,000 lines ended up on GitHub
A source map file accidentally bundled into an npm package exposed everything.
On March 31, 2026, Anthropic published version 2.1.88 of their @anthropic-ai/claude-code npm package. Buried inside was a 59.8MB .map file โ a source map that contains the original, unobfuscated TypeScript source code. Source maps are meant for internal debugging; they map minified production code back to readable source. They should never ship publicly.
By 4:23am ET, a developer named Chaofan Shou spotted it, posted about it on X, and the entire codebase was mirrored on GitHub within hours. The irony? The source code contains an entire subsystem called "Undercover Mode" designed to prevent Anthropic's internal information from leaking โ and they leaked the source code for Undercover Mode too.
The codebase revealed that Claude Code isn't a simple CLI wrapper around an LLM. It's a 1,900-file TypeScript application built on Bun, React, and Ink (React for terminals), with 40+ tools, multi-agent orchestration, a background memory engine, and about 20 fully-built features that haven't been released yet.
๐ /loop โ Recurring Background Tasks Live
The /loop command runs a prompt or another slash command on a repeating interval within your session. This is great for polling deploy status, watching test results, or checking service health. Each iteration gets its own context, so long-running loops don't bloat the conversation.
# Check deploy status every 5 minutes
/loop 5m check if the deploy on staging is complete
# Run tests every 10 minutes
/loop /test
# Custom interval with a slash command
/loop 2m /security-review
โก Fast Mode (aka "Penguin Mode") Live
The source code reveals that what users see as "Fast Mode" is internally called Penguin Mode. The API endpoint is literally /api/claude_code_penguin_mode. The config key is penguinModeOrgEnabled. The kill switch is tengu_penguins_off. Penguins all the way down.
Fast Mode isn't a different model โ it runs the same Opus 4.6 with speed-optimized API settings. Toggle it with /fast. Ideal for rapid iteration and live debugging. Turn it off when cost efficiency matters, because when enabling it mid-session, the entire prior context gets re-billed at Fast Mode rates.
/fast # Toggle fast mode on/off
๐ Git Worktrees โ Parallel Isolated Work Live
Claude Code has built-in git worktree support, letting you work on multiple branches simultaneously in isolated directories. The source shows dedicated EnterWorktreeTool and ExitWorktreeTool implementations. This means Claude can spin up a separate working directory for a feature branch without disturbing your main checkout.
# Start Claude in a worktree for a branch
claude -w feature-branch
# With tmux panes for multi-agent work
claude -w feature-branch --tmux
๐ง Auto Mode โ AI-Approved Permissions Live
The source reveals a "YOLO classifier" โ a fast ML-based permission decision system. When you enable auto mode, Claude uses a transcript classifier to decide whether tool actions are safe to execute without asking you. Every tool action is classified as LOW, MEDIUM, or HIGH risk.
# Launch with auto permissions
claude --permission-mode auto
# Or toggle during a session with Shift+Tab
# Cycles: normal โ auto-accept โ plan mode
claude --dangerously-skip-permissions. Despite the scary name, it's essentially Cursor's old "yolo mode." Your call on risk tolerance.
๐ช Hooks โ Automation Triggers Live
Hooks let you run code automatically before or after Claude takes actions. The source reveals extensive hook infrastructure โ you can auto-format code after edits, run type-checks, lint on save, and more. Configure them in your settings.json or use the /hooks interactive menu.
{
"hooks": {
"PostToolUse": [
{
"matcher": "Write(*.py)",
"hooks": [
{
"type": "command",
"command": "python -m black $file"
}
]
}
]
}
}
๐ Custom Slash Commands & Skills Live
The source shows two systems that are now unified. Create markdown files in .claude/commands/ for user-invoked slash commands, or in .claude/skills/ for model-invoked skills (Claude decides when to use them automatically based on context). Skills support YAML frontmatter for tool restrictions, model selection, and auto-invocation control.
# File: .claude/skills/deploy/SKILL.md
---
name: deploy
description: Deploy the app to production
command: /deploy
allowed-tools: Bash, Read
---
# Deploy Instructions
Run the deployment pipeline for $0 environment.
Default to staging if no environment specified.
๐ Debug Commands (! prefix) Tip
The source reveals several undocumented debug commands prefixed with !. These are read-only inspection tools that won't affect Claude's behavior but are useful for debugging.
!tokens # Inspect your token breakdown
!tools # List available tools
!model # Show current model info
!tokens is the most practical one โ use it when you're running into context window issues and want to see exactly what's eating your tokens.
Fully built, not yet shipped
These features are compiled behind feature flags. The code is complete, sitting in the codebase, waiting to be turned on.
๐ The Dream System โ Memory Consolidation Unreleased
Claude Code has a background system called autoDream โ a memory consolidation engine that runs as a forked subagent. It literally "dreams" โ running a reflective pass over its memory files to synthesize recent learnings into durable, well-organized memories.
The Three-Gate Trigger
The dream has a three-gate trigger system โ all three must pass:
- Time gate: 24 hours since last dream
- Session gate: At least 5 sessions since last dream
- Lock gate: Acquires a consolidation lock (prevents concurrent dreams)
The Four Phases
- Orient: Read the memory directory and existing topic files
- Gather Recent Signal: Find new information worth persisting from daily logs and transcripts
- Consolidate: Write or update memory files, convert relative dates to absolute, delete contradicted facts
- Prune & Index: Keep MEMORY.md under 200 lines and ~25KB, resolve contradictions
The dream subagent gets read-only bash access โ it can look at your project but not modify anything. Purely a memory maintenance pass.
โฐ KAIROS โ Always-On Assistant Unreleased
Named after the ancient Greek concept meaning "at the right time," KAIROS is a persistent, always-running Claude assistant that doesn't wait for you to type. It watches, logs, and proactively acts on things it notices. The code is referenced over 150 times throughout the source.
How it works
- Maintains append-only daily log files with observations, decisions, and actions
- Receives regular
<tick>prompts to decide whether to act or stay quiet - Has a 15-second blocking budget โ any proactive action that would block your workflow for longer gets deferred
- Uses a special "Brief" output mode โ extremely concise responses designed for a persistent assistant
KAIROS-Exclusive Tools
- SendUserFile: Push files directly to the user (summaries, notifications)
- PushNotification: Send push notifications to your device
- SubscribePR: Subscribe to and monitor pull request activity
๐ง ULTRAPLAN โ 30-Minute Remote Planning Unreleased
ULTRAPLAN offloads complex planning tasks to a remote Cloud Container Runtime (CCR) session running Opus 4.6, with up to 30 minutes to think. Your terminal shows a polling state checking every 3 seconds, while a browser-based UI lets you watch the planning happen and approve or reject the result. A special sentinel value teleports the result back to your local terminal.
๐๏ธ Voice Mode Unreleased
A full voice command mode with its own CLI entrypoint. The code shows a complete voice input system gated behind the VOICE_MODE compile-time flag. Currently stripped from external builds entirely.
๐ค Coordinator Mode โ Multi-Agent Orchestration Unreleased
When enabled via CLAUDE_CODE_COORDINATOR_MODE=1, Claude Code transforms into a coordinator that spawns and manages multiple worker agents in parallel. The system follows four phases: Research (workers investigate in parallel), Synthesis (coordinator reads findings and crafts specs), Implementation (workers make targeted changes), and Verification (workers test everything).
Workers communicate via XML messages. There's a shared scratchpad directory for cross-worker knowledge sharing. The coordinator prompt explicitly teaches parallelism and bans lazy delegation.
โฑ๏ธ Cron Scheduling Unreleased
The source reveals tools for creating, deleting, and listing scheduled jobs with external webhook support. Combined with KAIROS, this would allow Claude Code to operate as a true autonomous background agent running on schedules.
๐ฅ๏ธ Computer Use โ "Chicago" Unreleased
A full computer-use implementation internally codenamed "Chicago." It provides screenshot capture, click/keyboard input, and coordinate transformation. Currently gated to Max/Pro subscriptions with an internal bypass for Anthropic employees.
What Anthropic employees get
Features gated behind USER_TYPE === 'ant' โ only available to Anthropic staff.
๐ต๏ธ Undercover Mode Ant-Only
When Anthropic employees use Claude Code on public or open-source repositories, this mode activates automatically. It injects instructions telling Claude to never reveal AI involvement in commit messages, PR descriptions, or any public-facing content. No Co-Authored-By lines, no mention of Claude Code, no internal codenames.
The activation logic: CLAUDE_CODE_UNDERCOVER=1 forces it on, otherwise it's automatic unless the repo remote matches an internal allowlist. There is no force-off option.
This confirms Anthropic employees actively contribute to open-source repositories using Claude Code โ with the AI told to hide that it's an AI.
๐ง TungstenTool & ConfigTool Ant-Only
Two tools that only load for Anthropic employees. ConfigTool allows modifying internal settings at runtime. TungstenTool provides advanced capabilities whose exact function isn't fully documented in the leaked source, but it appears in the tool registry exclusively for internal users.
๐งช Staging API & Debug Prompt Dumping Ant-Only
Internal users get access to a staging API at claude-ai.staging.ant.dev, internal beta headers, and a debug feature that dumps full system prompts to ~/.config/claude/dump-prompts/ โ letting Anthropic engineers inspect exactly what prompt Claude Code is constructing.
๐พ Model Codenames Ant-Only
The source confirms internal model codenames are animal names. Capybara is a Claude 4.6 variant, Fennec maps to Opus 4.6, and Numbat is still in testing. Tengu appears hundreds of times as a prefix for feature flags and analytics events โ it's Claude Code's internal project codename. The migrations directory shows the history: Fennec โ Opus, Sonnet 1M โ Sonnet 4.5 โ Sonnet 4.6.
The Tamagotchi inside your terminal
๐ฃ Buddy โ A Full Pet Companion System Easter Egg
This is not a joke. Claude Code has a complete Tamagotchi-style companion pet called "Buddy" with a deterministic gacha system, 18 species across 5 rarity tiers, shiny variants (1% chance), procedurally generated stats, and ASCII art sprites with animations.
The 18 Species
- Common (60%): Pebblecrab, Dustbunny, Mossfrog, Twigling, Dewdrop, Puddlefish
- Uncommon (25%): Cloudferret, Gustowl, Bramblebear, Thornfox
- Rare (10%): Crystaldrake, Deepstag, Lavapup
- Epic (4%): Stormwyrm, Voidcat, Aetherling
- Legendary (1%): Cosmoshale, Nebulynx
A Shiny Legendary Nebulynx has a 0.01% chance of being rolled. Each buddy gets 5 procedural stats: DEBUGGING, PATIENCE, CHAOS, WISDOM, and SNARK. The species names are obfuscated in the source code via String.fromCharCode() arrays to prevent string searches from finding them. The buddy has its own personality, sits next to your input prompt, and can respond when addressed by name. Code references suggest an April 1-7, 2026 teaser window with a full launch planned for May 2026.
What you can use right now
Battle-tested workflows from the source code analysis and the community.
๐ก The CLAUDE.md File Essential
This is the single most impactful thing you can do. Create a CLAUDE.md file in your project root. Claude reads it at the start of every session. Think of it as a persistent project brief โ your build commands, lint commands, testing commands, project structure, and coding conventions. This prevents Claude from wasting tokens scanning your codebase for basic info every session.
# CLAUDE.md
## Project
Next.js 15 app with TypeScript, Tailwind, Prisma ORM.
## Commands
- Build: `npm run build`
- Test: `npm test`
- Lint: `npm run lint`
- Dev: `npm run dev` (port 3000)
## Conventions
- Use `async/await` over `.then()` chains
- Components go in `src/components/`
- API routes in `src/app/api/`
- Always add error boundaries to new pages
๐งน Context Management โ The Most Important Skill Essential
The source reveals that auto-compact kicks in at 95% context capacity, but the automatic version may discard important details. You want to manage this manually.
- /compact โ Compress context. You can specify what to keep:
/compact retain the error handling patterns - /clear โ Nuclear option. Wipes all conversation history. Use when switching tasks entirely.
- Rule of thumb: Compact at natural breakpoints (after completing a task). Clear when changing topics.
๐ฐ Cost Control Tricks Money Saver
The source code's cost tracking system (cost-tracker.ts) reveals exactly how token billing works. Here's how to save:
- Switch to Haiku for mechanical tasks:
/model haiku - Use
/effort lowfor quick iterations where deep reasoning isn't needed - Run
/compactbefore context gets large โ bigger context = more cost per token - For custom commands that run frequently, add
model: haikuto the frontmatter - Don't enable Fast Mode mid-session โ the entire prior context gets re-billed
๐ Session Management Productivity
# Name your sessions for easy retrieval
claude -n "auth-refactor"
# Continue most recent session
claude -c
# Resume a specific named session
claude -r "auth-refactor"
# Fork a session (new ID, keeps context)
claude -c --fork-session
# Resume from a GitHub PR
claude --from-pr 42
๐ MCP Servers โ Extend Claude Code Power User
The source shows Claude Code's MCP (Model Context Protocol) system for connecting to external tools and data sources. Configure them in .mcp.json at your project root.
{
"mcpServers": {
"github": {
"type": "stdio",
"command": "npx",
"args": ["@modelcontextprotocol/server-github"],
"env": {
"GITHUB_PERSONAL_ACCESS_TOKEN": "$GITHUB_TOKEN"
}
}
}
}
Once connected, GitHub operations become slash commands in your session (e.g., list PRs, create PRs). Use /mcp to manage connections interactively.
๐ GitHub PR Reviews โ Auto-Review Setup Workflow
Run /install-github-app and Claude will automatically review your PRs. The source shows it adds a claude-code-review.yml file. Customize the review prompt โ the default is too verbose. Claude finds actual logic errors and security issues that humans typically miss while nitpicking variable names.
๐ File Referencing Basics
You can reference files directly in your prompts with @ syntax. If you don't know the exact path, Claude can grep for it. You can also run shell commands directly with the ! prefix to bypass conversational mode (which would use more tokens for the same result).
# Reference a specific file
Refactor the auth logic in @src/auth/handler.ts
# Run shell commands directly (saves tokens)
!git status
!npm test
The essential commands
50+ slash commands exist. Here are the ones you should actually memorize.
/compact โ Compress context (use at every natural breakpoint)/clear โ Wipe conversation (use when switching tasks)/model โ Switch models (haiku for simple tasks, opus for complex)/help โ See all available commands including custom ones/diff โ Review what Claude changed before accepting
| Command | What it Does | When to Use |
|---|---|---|
| /compact | Compress conversation context | Every 80% context usage or after completing a task |
| /clear | Wipe all conversation history | When switching to a completely different task |
| /model | Switch between Opus, Sonnet, Haiku | Haiku for simple tasks, Opus for complex reasoning |
| /diff | View changes Claude made | Before accepting any file modifications |
| /commit | Create a git commit | After completing a feature or fix |
| /review | Code review current changes | Before merging, after major refactors |
| /plan | Toggle plan mode (approve each action) | Unfamiliar codebase or big refactors |
| /fast | Toggle fast mode (Penguin Mode) | Rapid iteration, live debugging |
| /cost | Check session cost | When tracking spending |
| /doctor | Run environment diagnostics | When something isn't working |
| /mcp | Manage MCP server connections | Adding external tools (GitHub, DBs, etc.) |
| /memory | Manage persistent memory | When Claude forgets project context |
| /effort | Set reasoning effort level | Low for quick tasks, high for complex |
| /resume | Restore a previous session | Continuing yesterday's work |
| /hooks | Configure automation triggers | Setting up auto-format, auto-lint |
| /loop | Run recurring tasks | Monitoring deploys, watching tests |
| /vim | Toggle Vim mode | If you're a Vim user |
| /context | Visualize current context | Debugging context window issues |
| /theme | Change terminal theme | Aesthetic preference |
Shift+Tab cycles through: normal โ auto-accept โ plan mode. Esc cancels the current action. Use /keybindings to customize shortcuts via ~/.claude/keybindings.json.
The 44 flags that control everything
Compile-time flags that determine what ships in external builds vs. what stays internal.
| Flag | What It Gates | Status |
|---|---|---|
| PROACTIVE | Always-on assistant mode (KAIROS) | Unshipped |
| KAIROS | Background daemon with proactive actions | Unshipped |
| KAIROS_BRIEF | Brief command for concise responses | Unshipped |
| BRIDGE_MODE | Remote control via claude.ai | Unshipped |
| DAEMON | Background daemon mode | Unshipped |
| VOICE_MODE | Voice input for CLI | Unshipped |
| WORKFLOW_SCRIPTS | Workflow automation | Unshipped |
| COORDINATOR_MODE | Multi-agent orchestration | Unshipped |
| TRANSCRIPT_CLASSIFIER | AFK mode / ML auto-approval | Unshipped |
| BUDDY | Terminal companion pet system | Unshipped |
| NATIVE_CLIENT_ATTESTATION | Client authenticity verification | Unshipped |
| HISTORY_SNIP | History snipping tool | Unshipped |
| EXPERIMENTAL_SKILL_SEARCH | Skill discovery system | Unshipped |
Notable Beta API Headers (from constants/betas.ts)
| Beta Header | What It Enables |
|---|---|
| interleaved-thinking-2025-05-14 | Extended thinking / chain of thought |
| context-1m-2025-08-07 | 1M token context window |
| structured-outputs-2025-12-15 | Structured output format |
| fast-mode-2026-02-01 | Fast mode (Penguin) |
| redact-thinking-2026-02-12 | Redacted thinking (unreleased) |
| afk-mode-2026-01-31 | AFK mode (unreleased) |
| advisor-tool-2026-03-01 | Advisor tool (unreleased) |
| token-efficient-tools-2026-03-28 | Token-efficient tool schemas |
Your first productive session
A step-by-step workflow to go from zero to effective with Claude Code.
1 Install & Set Up
# Install globally
npm install -g @anthropic-ai/claude-code
# Set your API key (or use subscription)
export ANTHROPIC_API_KEY=sk-ant-...
# Launch in your project directory
cd your-project/
claude
2 Create Your CLAUDE.md First
Before doing anything else, create your project brief. This single file will save you more tokens and time than any other optimization. Include your build commands, testing commands, project structure, and coding conventions.
3 Learn the Session Flow
- Start focused: One task per session. Don't mix "refactor auth" with "fix the CSS bug."
- Name sessions:
claude -n "auth-refactor"โ you'll thank yourself tomorrow. - Review before accepting: Always
/diffbefore moving on. - Compact regularly:
/compactat natural breakpoints. Don't wait for auto-compact. - /clear when switching: Starting a new task? Clear first.
4 Build Your Custom Commands
The power users aren't typing long prompts every time. They're creating reusable commands. Start with 2-3 commands for your most common workflows.
# File: .claude/commands/test-and-fix.md
Run the test suite. If any tests fail, fix
them and run again until all tests pass.
Show me the final results.
Now just type /test-and-fix and go grab coffee.
5 Set Up Hooks for Guardrails
Don't rely on remembering to lint or format. Set up hooks so it happens automatically.
# Interactive hook setup
/hooks
# Or ask Claude to set them up for you
"Add hooks to auto-format Python files with black
after every edit, and run type-check after writes"
6 Graduate to Subagents & Skills
Once you're comfortable, create skills for complex workflows. Skills are model-invoked โ Claude decides when to use them based on context, like having a specialized assistant that activates itself.
# File: .claude/skills/code-reviewer/SKILL.md
---
name: code-reviewer
description: Review code for best practices.
Use when reviewing code or checking PRs.
allowed-tools: Read, Grep, Glob
---
# Review Checklist
1. Code organization and structure
2. Error handling
3. Performance considerations
4. Security concerns
5. Test coverage
Sources & Further Reading
Primary source analysis: Kuberwastaken/claude-code (detailed breakdown by Kuber Mehta)
Backup mirror: nirholas/claude-code
Coverage: VentureBeat, Rolling Out, Cybersecurity News, The AI Corner
Practical tips sourced from: builder.io, computingforgeeks, awesomeclaude.ai, shipyard.build