Anthropic's Mass DMCA Takedown Backfires: Claude Code Leaked Source Cloned 8,000+ Times Despite Notices

Anthropic's response to an accidental source code exposure has produced an object lesson in the limits of legal remedies in the internet age. After the company's Claude Code CLI shipped version 2.1.88 with an unintentional source map attachment containing its entire TypeScript codebase, Anthropic issued a wave of DMCA takedown notices to GitHub. The notices, described by TechCrunch as "thousands" in volume, swept up a large number of repositories with no connection to the leak. Anthropic later called the over-broad takedowns "an accident."

How the Leak Happened

The exposure originated with Claude Code's 2.1.88 update, released on March 31, 2026. Users on X (formerly Twitter) quickly discovered that the update's npm package included a source map file — a development artifact that maps compiled JavaScript back to its original TypeScript source. The source map contained Anthropic's complete Claude Code codebase, including files that describe unreleased features.

Within hours of the discovery, the codebase had been extracted, uploaded to GitHub, and forked extensively. According to The Decoder, the repository was cloned more than 8,000 times before Anthropic's DMCA campaign began in earnest — at which point the code had already achieved the kind of distributed persistence that makes digital containment effectively impossible.

What the Code Revealed

Beyond the accidental disclosure itself, the leaked source code contained details of two unreleased Claude features that generated significant community interest. One was a Tamagotchi-style "pet" system — an ambient AI companion that would persist across sessions, track user behavior, and develop a personalized interactive presence. The second was references to an always-on background agent capable of running autonomously on a user's machine without a active conversation window.

Both features suggest Anthropic is exploring deeper ambient AI integration — systems that are persistently present rather than invoked on demand. This aligns with an emerging design philosophy across the AI industry toward "agentic" experiences that observe, remember, and act continuously rather than in discrete request-response cycles.

The DMCA Overreach

Anthropic's attempt to contain the leak became its own story. GitHub's DMCA takedown system allows copyright holders to request rapid removal of infringing content, but the notices Anthropic filed were apparently drafted too broadly. A significant number of repositories with no connection to Claude Code were taken down before the error was identified. GitHub and Anthropic worked to restore the affected repositories after the mistake was caught.

The episode highlights a recurring tension in platform-era copyright enforcement: the tools available to rights holders were designed for a world where infringing content could be effectively removed. In a world where forking is instantaneous and decentralized, legal takedowns often serve as amplification — drawing attention to content that would otherwise have remained obscure.

Anthropic's Takeaway

The 8,000-clone figure is the clearest indicator of the leak's ultimate containment failure. Anthropic confirmed the source map was included accidentally and said it had patched the build pipeline to prevent similar disclosures. The company declined to comment on the specific feature details revealed in the leaked code, which remain officially unannounced.