Cyberveille, curated by Decio
Anthropic employee error exposes Claude Code source | InfoWorld https://www.infoworld.com/article/4152856/anthropic-employee-error-exposes-claude-code-source.html
01/04/2026 10:04:29

infoworld.com
by Howard Solomon
Mar 31, 2026

A version of the AI coding tool in Anthropic's npm registry included a source map file, which leads to the full proprietary source code.

An Anthropic employee accidentally exposed the entire proprietary source code for its AI programming tool, Claude Code, by including a source map file in a version of the tool posted on Anthropic’s open npm registry account, a risky mistake, says an AI expert.

“A compromised source map is a security risk,” said US-based cybersecurity and AI expert Joseph Steinberg. “A hacker can use a source map to reconstruct the original source code and [see] how it works. Any secrets within that code – if someone coded in an API key, for example – is at risk, as is all of the logic. And any vulnerabilities found in the logic could become clear to the hacker who can then exploit the vulnerabilities.”

However, an Anthropic spokesperson told CSO, “no sensitive customer data or credentials were involved or exposed. This was a release packaging issue caused by human error, not a security breach. We’re rolling out measures to prevent this from happening again.”

But it wasn’t the first time this had happened; according to Fortune and other news sources, the same thing happened last month.

Don’t expose .map files
Map files shouldn’t be left in the final version of code published on open source registries, where anyone can download a package; they can be sources of useful information for hackers.

According to developer Kuber Mehta, who published a blog on the latest incident, when someone publishes a JavaScript/TypeScript package to npm, the build toolchain often generates source map files (.map files). These files are a bridge between the minified/bundled production code and the original source; they exist so that when something crashes in production, the stack trace can point to the actual line of code in the original file, not to some unintelligible reference.

What’s available in these files? “Every file. Every comment. Every internal constant. Every system prompt. All of it, sitting right there in a JSON file that npm happily serves to anyone who runs npm pack or even just browses the package contents,” said Mehta.

“The mistake is almost always the same: someone forgets to add *.map to their .npmignore or doesn’t configure their bundler to skip source map generation for production builds,” Mehta said. “With Bun’s bundler (which Claude Code uses), source maps are generated by default unless you explicitly turn them off.”

Think of a source map as a file that shows, in terms of the human-readable source code, what each part of the minified computer code, which is not easily understandable to humans, is doing, said Steinberg. For example, he said, it may indicate that a specific portion of the executable code is performing the instructions that appear in some specific snippet of source code.

A source map can help with debugging, he added. Without it, he said, many errors would be identified as coming from a larger portion of code, rather than showing exactly where the errors occur.
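
The packaging mistake described above can be caught before a package is published. The following is an added example, not code from the article, from Mehta's blog or from Anthropic: a Node.js check that flags .map files, inline source maps and sourceMappingURL references in a package's file set, and counts how many original files each map embeds through its sourcesContent field. The function names and the sample package contents are constructed for illustration.

```javascript
// Added example: audit the files a package would publish for source maps.
const INLINE_MAP = /\/\/[#@]\s*sourceMappingURL=data:application\/json[^,]*;base64,([A-Za-z0-9+/=]+)/;
const EXTERNAL_MAP = /\/\/[#@]\s*sourceMappingURL=(?!data:)(\S+)/;

// Count original files embedded verbatim in a source map (sourcesContent entries).
function embeddedSources(mapText) {
  try {
    const map = JSON.parse(mapText);
    // Index maps nest ordinary maps under sections[].map.
    const maps = Array.isArray(map.sections) ? map.sections.map((s) => s.map || {}) : [map];
    return maps.reduce((n, m) => {
      const sc = Array.isArray(m.sourcesContent) ? m.sourcesContent : [];
      return n + sc.filter((c) => typeof c === 'string').length;
    }, 0);
  } catch {
    return 0; // unparsable map: the file is still reported, with 0 embedded sources
  }
}

// files: { "relative/path": "file contents as a string" }
function auditPackage(files) {
  const findings = [];
  for (const [path, text] of Object.entries(files)) {
    if (path.endsWith('.map')) {
      findings.push({ path, kind: 'map-file', embedded: embeddedSources(text) });
      continue;
    }
    if (!/\.[cm]?js$/.test(path)) continue;
    const inline = text.match(INLINE_MAP);
    if (inline) {
      const decoded = Buffer.from(inline[1], 'base64').toString('utf8');
      findings.push({ path, kind: 'inline-map', embedded: embeddedSources(decoded) });
    }
    const ext = text.match(EXTERNAL_MAP);
    if (ext) findings.push({ path, kind: 'map-reference', target: ext[1] });
  }
  return findings;
}

// Constructed sample package contents (not the real Claude Code package).
const sampleMap = JSON.stringify({
  version: 3, file: 'cli.js', sources: ['../src/main.ts', '../src/prompts.ts'],
  sourcesContent: ['export const run = () => {};', null], mappings: 'AAAA',
});
const sample = {
  'dist/cli.js': 'console.log(1);\n//# sourceMappingURL=cli.js.map\n',
  'dist/cli.js.map': sampleMap,
  'dist/worker.mjs': 'export{};\n//# sourceMappingURL=data:application/json;base64,' +
    Buffer.from(sampleMap).toString('base64') + '\n',
};
console.log(auditPackage(sample));
```

The list of files npm would publish can be obtained with npm pack --dry-run --json; any finding whose embedded count is above zero means original source text would ship inside the package.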
