Today was a strange day in AI.

Someone noticed that Claude Code version 2.1.88 was published to the npm registry with a 59.8MB source map file accidentally attached. A source map maps minified code back to the original readable source. Within hours, people were posting screenshots. Someone backed it up on GitHub. Developers started digging.

What they found was not just a peek behind the curtain. It was the whole backstage.

What leaked

The source map shipped inside @anthropic-ai/claude-code version 2.1.88 on npm. Anthropic has since pulled it. The internet did not wait.

Buried inside were 44 feature flags covering features that are fully built but not yet shipped. Not vaporware. Compiled code sitting behind flags that compile to false when Anthropic ships the external build.

Here is a taste of what is already built:

• Background agents running 24/7 with GitHub webhooks and push notifications

• One Claude orchestrating multiple worker Claudes, each with a restricted toolset

• Cron scheduling for agents, create, delete, list jobs, external webhooks included

• Full voice command mode with its own CLI entrypoint

• Actual browser control via Playwright, not web_fetch, real browser

• Agents that can sleep and self-resume without user prompts

• Persistent memory across sessions without external storage

It is all built. They are releasing a new feature every two weeks because everything is already done.

Here is what is inside the full breakdown (this article)

The deep dive covers everything worth knowing from this leak, including the direct links to the source.

The two direct links — the original npm source map and the GitHub backup, both live as of publishing

• The 7 biggest technical takeaways — why the system prompts being in the CLI is genuinely surprising, why the Bash tool is the real crown jewel, what the axios dependency means for security, and why this was always readable even before the leak

• Every unshipped feature explained — all 20+ flagged features across MAJOR, IN-FLIGHT, INFRASTRUCTURE, and DEV TOOLING, with what each one actually does and how complete it looks

• The 44 feature flags, catalogued — the full list with descriptions, including the Ant-only internal tools that only load for Anthropic employees

• The leaked prompts — what is actually in Claude Code’s system prompt, why it is surprising it was ever in a distributed package, and what it reveals about how Claude reasons about its own tasks

• The safety angle — Anthropic’s own research shows Claude has tried to hack its own servers with a 12% sabotage rate, and now this. What to make of it.

• The 187 spinner verbs — someone at Anthropic is having a great time

• What this means for builders — the practical implications for anyone using Claude Code in production today

Access below the npm source map and the GitHub backup: