返回时间轴
2026-03-31

Claude Code source code leaks via npm, exposing secret agent features and sparking a supply chain attack

Safety & Ethics Products & Tools

事件摘要

On March 31, 2026, Anthropic accidentally exposed 512,000 lines of Claude Code source code through a source map file in its npm package. The leak revealed hidden features including 'KAIROS' (a persistent background agent), 'Undercover Mode' (for stealth open-source contributions), and 'Dreaming' (autonomous cross-session learning). It also triggered a supply chain attack as threat actors weaponized the leak with trojanized npm packages. The incident became the highest-profile AI source code leak in history.

影响评估

  • Risk Creation -1 · Short-term

    Largest AI source code leak in history. Exposed proprietary agent architectures. Triggered supply chain attack with trojanized packages. Established new category of AI security risk: operational code leaks.

    Affected Groups: AI developers, Anthropic users, open-source community, security teams

共识度与来源

重要度 L1
分类 Safety & Ethics / Products & Tools
共识度 Broad Consensus
影响指数 5/10

关联事件

← Origins
2025-02-24 L2

Claude Code launches, becoming the first widely-adopted production coding agent

Released on February 24, 2025 as a research preview alongside Claude 3.7 Sonnet, Claude Code was Anthropic's terminal-based agentic coding tool. Unlike earlier AI agent demos (Auto-GPT, Operator) that stayed experimental, Claude Code was adopted by real development teams for daily work — understanding entire codebases, writing patches, and executing multi-step coding tasks from the terminal. It marked a shift in how developers perceived AI: from a chat interface to a capable digital coworker that could be entrusted with production work. Claude Code was made generally available in May 2025 alongside Claude 4.

2026-01-25 L1

OpenClaw goes viral, creating the first mainstream personal AI agent phenomenon

On January 25, 2026, Austrian developer Peter Steinberger launched OpenClaw on Hacker News — an open-source AI agent that manages email, calendar, files, and code autonomously from chat apps. Within 24 hours it gained 9,000 GitHub stars, reached 100,000 in a week, and 247,000 by March, becoming the fastest-growing developer tool in history. By February, Steinberger was hired by OpenAI (project moved to an independent foundation) and NVIDIA announced NemoClaw at GTC. In China, OpenClaw sparked a nationwide 'raising the lobster' craze, with millions installing it on their devices.

→ Successors
2026-06-16 L1

SpaceX Acquires xAI and Cursor: Unprecedented AI Industry Consolidation

In 2026, Elon Musk's SpaceX executed two landmark AI acquisitions: acquiring xAI at a combined $1.25 trillion valuation in February, followed by a historic $60 billion all-stock acquisition of AI coding startup Cursor just days after SpaceX's record-breaking IPO in June. The deals represent the largest AI talent and technology consolidation in history, concentrating frontier AI capabilities (Grok models), AI coding tools (Cursor), and massive compute resources under a single entity, and signaled the convergence of aerospace, AI, and software development into integrated technology stacks.

Local Lineage Claude Code source c... 2026-03-31 · L1 Claude Code launch... 2025-02-24 · L2 OpenClaw goes vira... 2026-01-25 · L1 SpaceX Acquires xA... 2026-06-16 · L1