The Claude Code Source Leak: fake tools, frustration regexes, undercover mode

Posted by alex000kim 7 hours ago

The Claude Code Source Leak: fake tools, frustration regexes, undercover mode(alex000kim.com)

167 points | 64 commentspage 2

seanwilson 2 hours ago|

Anyone else have CI checks that source map files are missing from the build folder? Another trick is to grep the build folder for several function/variable names that you expect to be minified away.

simianwords 2 hours ago||

> The obvious concern, raised repeatedly in the HN thread: this means AI-authored commits and PRs from Anthropic employees in open source projects will have no indication that an AI wrote them. It’s one thing to hide internal codenames. It’s another to have the AI actively pretend to be human.

I don’t get it. What does this mean? I can use Claude code now without anyone knowing it is Claude code.

alex000kim 2 hours ago||

technically you're correct, but look at the prompt https://github.com/alex000kim/claude-code/blob/main/src/util...

it's written to _actively_ avoid any signs of AI generated code when "in a PUBLIC/OPEN-SOURCE repository".

Also, it's not about you. Undercover mode only activates for Anthropic employees (it's gated on USER_TYPE === 'ant', which is a build-time flag baked into internal builds).

simianwords 2 hours ago||

I don’t know what you mean. It just informs to not use internal code names.

robflynn 2 hours ago|||

It also says don't announce that you are AI in any way including asking it to not say "Co-authored by Claude". I read the file myself.

I'm still inclined to think people might be overreacting to that bit since it seems to be for anthropic-only to prevent leaking internal info.

But I did read the prompt and it did say hide the fact that you are AI.

simianwords 1 hour ago||

Why does that matter though

robflynn 31 minutes ago||

There are probably different reasons for different people. I can definitely see the angle that trying to specifically pretend to not be AI when contributing to open source could be seen as a bad thing due to the open source supply chain attacks, some AI-driven, that we've been having, not to mention the AI-slop PR spam.

But, I also get Anthropic's side that when they're contributing they don't want their internals leaked. If it had been left at that, that's fine, but having it pretend like it's not AI at all rubs me a little bit the wrong way. Why try to hide it?

simianwords 16 minutes ago||

>There are probably different reasons for different people. I can definitely see the angle that trying to specifically pretend to not be AI when contributing to open source could be seen as a bad thing due to the open source supply chain attacks, some AI-driven, that we've been having, not to mention the AI-slop PR spam.

But none of the other agents advertise that the commit was done by an agent. Like Codex. Your panic should apply equally to already existing agents like Codex no?

giancarlostoro 2 hours ago|||

I agree with you, I think people are overthinking this.

slopinthebag 2 hours ago||

I think it means OSS projects should start unilaterally banning submissions from people working for Anthropic.

simianwords 2 hours ago||

Why? What does this have to do with the leak

simianwords 2 hours ago||

Guys I’m somewhat suspicious of all the leaks from Anthropic and think it may be intentional. Remember the leaked blog about Mythos?

Analemma_ 1 hour ago||

It's possible, but Anthropic employees regularly boast (!) that Claude Code is itself almost entirely vibe-coded (which certainly seems true, based on the generally-low quality of the code in this leak), so it wouldn't at all surprise me to have that blow up twice in the same week. Probably it might happen with accelerating frequency as the codebase gets more and more unmanageable.

__blockcipher__ 1 hour ago||

I'm normally suspicious but honestly they've been so massively supply-constrained that I don't think it really benefits them much. They're not worried about getting enough demand for the new models; they're worrying about keeping up with it.

Granted, there's a small counterargument for mythos which is that it's probably going to be API-only not subscription

simianwords 1 hour ago||

Why would Claude code mention Mythos then

hxugufjfjf 51 minutes ago|||

You can still use Claude Code with API-only.

drewnick 1 hour ago|||

You can use Claude Code with API mode (not a sub)

simianwords 48 minutes ago||

fair but I'm guessing access would be limited to 20x max users or something like that. not gated by API.

OfirMarom 2 hours ago|

Undercover mode is the most concerning part here tbh.

anonymoushn 2 hours ago|

why

AnimalMuppet 2 hours ago||

Well, as a general rule, I don't do business with people who lie to me.

You've got a business, and you sent me junk mail, but you made it look like some official government thing to get me to open it? I'm done, just because you lied on the envelope. I don't care how badly I need your service. There's a dozen other places that can provide it; I'll pick one of them rather than you, because you've shown yourself to be dishonest right out of the gate.

Same thing with an AI (or a business that creates an AI). You're willing to lie about who you are (or have your tool do so)? What else are you willing to lie to me about? I don't have time in my life for that. I'm out right here.

otterley 1 hour ago|||

Out of curiosity, given two code submissions that are completely identical—one written solely by a human and one assisted by AI—why should its provenance make any difference to you? Is it like fine art, where it’s important that Picasso’s hand drew it? Or is it like an instruction manual, where the author is unimportant?

Similarly, would you consider it to be dishonest if my human colleague reviewed and made changes to my code, but I didn’t explicitly credit them?

feature20260213 56 minutes ago|||

Yes because you can be sued for copyright violation if you don't know the origin of one, and not the other.

otterley 33 minutes ago||

As an attorney, I know copyright law. (This is not legal advice.) There's nothing about copyright law that says you have to credit an AI coding agent for contributing to your work. The person receiving the code has to perform their due diligence in any case to determine whether the author owns it or has permission from the owner to contribute it.

AnimalMuppet 1 hour ago|||

Why does the provenance make any difference? Let me increase your options. Option 1: You completely hand-wrote it. Option 2: You were assisted by an AI, but you carefully reviewed it. Option 3: You were assisted by an AI (or the AI wrote the whole thing), and you just said, "looks good, YOLO".

Even if the code is line-for-line identical, the difference is in how much trust I am willing to give the code. If I have to work in the neighborhood of that code, I need to know what degree of skepticism I should be viewing it with.

otterley 1 hour ago||

That's the thing. As someone evaluating pull requests, should you trust the code based on its provenance, or should you trust it based on its content? Automated testing can validate code, but it can't validate people.

ISTM the most efficient and objective solution is to invest in AI more on both sides of the fence.

simianwords 2 hours ago|||

What’s the lie? It’s just asking to not reveal internal names

BoredPositron 1 hour ago||

You are spamming the whole fucking thread with the same nonsense. It is instructed to hide that the PR was made via Claude Code. I don't know why people who are so AI forward like yourself have such a problem with telling people that they use AI for coding/writing, it's a weirdly insecure look.

simianwords 1 hour ago||

I can do that right now with Claude Code without this undercover mode.. In fact I do it many times at work. What's the big deal in this?

Do you not think it is an overreaction to panic like this if I can do exactly what the undercover mode does by simply asking Claude?

BoredPositron 59 minutes ago||

It's different if it's an institutional decision or a personal like in your case. Which is and I am repeating myself here borderline insecure.

simianwords 57 minutes ago||

what's insecure about it? if it is up to the institution to make that decision - you can still do it. Claude is not stopping you from making that decision

BoredPositron 50 minutes ago||

You have to work on your reading comprehension or you are intentional deceptive. Bye.