[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"article-claude-code-leak-reveals-hidden-features-en":3,"article-related-claude-code-leak-reveals-hidden-features-en":25,"series-tools-07968cc8-f216-4938-9e22-1b7f92ae3311":76},{"id":4,"slug":5,"title":6,"content":7,"summary":8,"source":9,"source_url":10,"author":11,"image_url":12,"cover_image":12,"category":13,"language":14,"translated_content":11,"related_article_id":15,"keywords":16,"key_takeaways":11,"views":22,"created_at":23,"published_at":24,"topic_cluster_id":11},"07968cc8-f216-4938-9e22-1b7f92ae3311","claude-code-leak-reveals-hidden-features-en","Claude Code泄露后，代码库露出什么","\u003Cp>7小时，51万行代码，1906个源文件。\u003Ca href=\"https:\u002F\u002Fwww.npmjs.com\u002Fpackage\u002F@anthropic-ai\u002Fclaude-code\" target=\"_blank\" rel=\"noopener\">Claude Code\u003C\u002Fa> 的一次发布失误，把这些内容直接摊在了公开视野里。更离谱的是，这次泄露暴露的不是几段前端脚本，而是一整套本地 CLI 的内部实现、未发布功能和安全流程。\u003C\u002Fp>\u003Cp>这类事故之所以让开发者格外敏感，是因为 \u003Ca href=\"\u002Fnews\u002Fopenai-plugin-claude-code-workflow-cuts-four-steps-en\">Claude Code\u003C\u002Fa> 不是普通网页应用。它跑在用户机器上，最值钱的交互逻辑、权限判断、任务编排，很多都在客户端里完成。源码一旦可读，竞争对手看到的就不是“界面长什么样”，而是“它怎么想、怎么做、怎么控风险”。\u003C\u002Fp>\u003Ch2>一次 source map 失误，后果有多大\u003C\u002Fh2>\u003Cp>这次外泄的导火索，是一个约60MB的 source map 文件被打进了 npm 发布包。source map 本来用于调试，把压缩后的代码映射回原始源码；它不该跟正式版本一起分发。可一旦它出现在包里，原本难读的构建产物就能被还原成接近原始工程的结构。\u003C\u002Fp>\n\u003Cfigure class=\"my-6\">\u003Cimg src=\"https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1775179135628-e89m.png\" alt=\"Claude Code泄露后，代码库露出什么\" class=\"rounded-xl w-full\" loading=\"lazy\" \u002F>\u003C\u002Ffigure>\n\u003Cp>对 Web 前端来说，这通常意味着样式、交互和部分业务逻辑被看见；对 \u003Ca href=\"https:\u002F\u002Fdocs.anthropic.com\u002Fen\u002Fdocs\u002Fclaude-code\" target=\"_blank\" rel=\"noopener\">Anthropic Claude Code\u003C\u002Fa> 这种本地编程工具来说，情况严重得多。因为它的大量能力都在客户端侧完成，尤其是命令执行、文件读写、上下文压缩、会话管理这类模块，几乎就是产品本体。\u003C\u002Fp>\u003Cul>\u003Cli>泄露规模：约51万行代码\u003C\u002Fli>\u003Cli>源文件数量：1906个\u003C\u002Fli>\u003Cli>泄露文件体积：约60MB source map\u003C\u002Fli>\u003Cli>社区备份库短时间内获得2万+星标\u003C\u002Fli>\u003C\u002Ful>\u003Cp>从开发者角度看，这件事最值得复盘的不是“谁先把仓库镜像走了”，而是为什么一个调试文件能直接把产品内部结构掀开。答案很简单：发布流程里多了一层不该存在的构建产物，安全边界就被自己打穿了。\u003C\u002Fp>\u003Ch2>隐藏功能比想象中多\u003C\u002Fh2>\u003Cp>代码一公开，社区就开始做静态分析和仓库镜像。有人专门搭了 \u003Ca href=\"http:\u002F\u002Fccleaks.com\" target=\"_blank\" rel=\"noopener\">ccleaks.com\u003C\u002Fa> 来整理发现，陆续挖出35个编译时特性标志、120多个隐藏环境变量、200多个远程控制开关。里面最吸睛的，不是某个小修小补，而是一批看起来已经接近产品化的新模块。\u003C\u002Fp>\u003Cp>其中一个最有传播度的功能叫 Buddy。它是一个终端里的电子宠物系统，走的是 Tamagotchi 风格，能在命令行里显示不同物种的 ASCII 形象。代码里写了18种物种、6种稀有度，普通款占60%，传奇款只有1%。每个用户的宠物还会根据账户 ID 唯一生成，听上去像是为终端用户准备的轻量陪伴功能。\u003C\u002Fp>\u003Cblockquote>“A release is only as good as its last automated test.” — Kent Beck\u003C\u002Fblockquote>\u003Cp>这句话出自 Kent Beck，虽然他说的不是这次事故，但很贴切：当发布流程里有一个环节没被测试覆盖，后果往往不是一个小 bug，而是一整包不该公开的内容。Claude Code 的泄露正好说明，构建产物检查和发布前扫描不能只靠人眼。\u003C\u002Fp>\u003Cp>除了 Buddy，代码里还出现了几个更偏生产力方向的模块。它们大多还没完整上线，但轮廓已经很清楚：\u003C\u002Fp>\u003Cul>\u003Cli>Kairos：持久化助手模式，目标是跨会话长期记忆\u003C\u002Fli>\u003Cli>Ultraplan：基于更强模型做最长30分钟的深度任务规划\u003C\u002Fli>\u003Cli>多 Agent 协调：同时跑多个独立实例处理并行任务\u003C\u002Fli>\u003Cli>跨会话通信：多个 Claude 会话之间可以互发消息\u003C\u002Fli>\u003Cli>守护进程模式：让会话管理器像系统服务一样后台运行\u003C\u002Fli>\u003C\u002Ful>\u003Cp>这些功能说明 Claude Code 的路线很明确：它不想只做一个“会写命令的聊天窗口”，而是想把会话、记忆、规划和并行执行揉成一个本地工作台。问题在于，路线图被提前摊开之后，外界也能更快判断它到底在往哪走。\u003C\u002Fp>\u003Ch2>安全架构很硬，代码质量却不均匀\u003C\u002Fh2>\u003Cp>如果只看安全设计，Claude Code 的内部工程确实有不少可取之处。每次工具调用都要先过六级权限验证，再进入四层决策管道做进一步检查。外部命令和插件还被放进独立沙箱里运行，输入输出也走了单独的非阻塞缓冲区，避免主会话被卡住。\u003C\u002Fp>\n\u003Cfigure class=\"my-6\">\u003Cimg src=\"https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1775179131207-wvz4.png\" alt=\"Claude Code泄露后，代码库露出什么\" class=\"rounded-xl w-full\" loading=\"lazy\" \u002F>\u003C\u002Ffigure>\n\u003Cp>更细一点看，它还会在上下文变长时自动压缩内容，把关键逻辑链条尽量保留下来。这个设计很像一套面向高频交互的本地代理系统：既要快，又要控风险，还要能在长会话里维持足够的状态感。单从架构图推测，团队对“AI 工具如何安全地碰系统”这件事想得不少。\u003C\u002Fp>\u003Cp>但源码泄露的价值，恰恰在于它会把优点和缺点一起照亮。社区翻到 \u003Ccode>src\u002Fcli\u002Fprint.ts\u003C\u002Fcode> 时，发现一个函数写了3000多行，嵌套层数达到12层，复杂度高得有点夸张。再往下看，情绪检测甚至没有上模型，而是直接用正则去匹配诸如 ffs、shitty 之类的词。\u003C\u002Fp>\u003Cul>\u003Cli>工具调用前要经过6级权限验证\u003C\u002Fli>\u003Cli>执行前还有4层决策管道\u003C\u002Fli>\u003Cli>外部命令和插件在独立沙箱中运行\u003C\u002Fli>\u003Cli>上下文超阈值后会自动压缩\u003C\u002Fli>\u003Cli>单个函数长度超过3000行，嵌套12层\u003C\u002Fli>\u003C\u002Ful>\u003Cp>这组对比很有意思：一边是严肃的安全层和执行隔离，一边是让人皱眉的超长函数和朴素文本匹配。它说明大型 AI 工具的真实代码库，往往不是“全都优雅”或“全都混乱”，而是高标准和历史包袱混在一起。\u003C\u002Fp>\u003Ch2>Anthropic的安全叙事，被自己人打断了\u003C\u002Fh2>\u003Cp>这次泄露并不是孤例。就在几天前，\u003Ca href=\"https:\u002F\u002Fwww.anthropic.com\u002F\" target=\"_blank\" rel=\"noopener\">Anthropic\u003C\u002Fa> 还因为第三方 CMS 配置错误，导致近3000个内部资产被公开访问。那次事件里，外界看到了代号 \u003Ca href=\"https:\u002F\u002Fwww.anthropic.com\u002Fnews\u002Fclaude-4\" target=\"_blank\" rel=\"noopener\">Claude Mythos\u003C\u002Fa> 的未发布模型相关材料，内部文件还把它描述成能力上的一次大幅跃升。\u003C\u002Fp>\u003Cp>再往前看，Claude Code 在2025年2月首发时就已经出过一次 source map 泄露。也就是说，同类错误不是第一次发生，而是反复发生。对一家把 AI 安全写进公司叙事的企业来说，这种重复比单次事故更伤，因为它暴露的是流程问题，不只是技术失手。\u003C\u002Fp>\u003Cp>下面这组数字，把问题说得更直白：\u003C\u002Fp>\u003Cul>\u003Cli>3月26日：约3000个内部资产因 CMS 配置错误暴露\u003C\u002Fli>\u003Cli>几天后：Claude Code 发布包再度泄露 source map\u003C\u002Fli>\u003Cli>2月首发时：同类问题已经出现过一次\u003C\u002Fli>\u003Cli>本次外泄：1906个源文件、51万行代码可读\u003C\u002Fli>\u003C\u002Ful>\u003Cp>有人会说，模型权重、训练数据和用户数据都没有泄露，真正的核心没丢。这话有道理，但也只说对了一半。对于一款本地 CLI 工具，产品逻辑、发布节奏、隐藏开关和安全策略本身就是竞争资产。别人拿到这些信息，已经足够复刻一个相当接近的版本。\u003C\u002Fp>\u003Ch2>这次泄露真正说明了什么\u003C\u002Fh2>\u003Cp>Claude Code 的这次事故，不只是一次“包里多塞了个文件”的低级失误。它还说明，AI 工具一旦把更多能力放到本地，发布链路就会变得更脆弱：一个构建配置、一次打包疏忽、一个没删干净的调试产物，都可能把内部实现完整送出去。\u003C\u002Fp>\u003Cp>更现实的判断是，接下来大家会更频繁地看到类似问题。原因很简单：AI Agent 已经开始参与写代码、跑测试、生成提交、管理发布流程，自动化程度越高，错误也越容易被批量放大。真正值得关注的，不是某家公司这次丢了多少行代码，而是它能不能把“不要把 source map 打进正式包”这种事情变成硬规则。\u003C\u002Fp>\u003Cp>如果 Anthropic 想把这次事故变成一次有效修正，最该做的不是解释得更漂亮，而是把发布检查、产物扫描和权限审计做成不可绕过的门槛。否则下次被扒出来的，可能就不只是隐藏指令和电子宠物，而是更敏感的产品策略和执行细节。\u003C\u002Fp>","Claude Code源码意外外泄后，社区挖出51万行代码、26个隐藏指令和6级安全验证，细节很扎眼。","zhuanlan.zhihu.com","https:\u002F\u002Fzhuanlan.zhihu.com\u002Fp\u002F2022446438307624517",null,"https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1775179135628-e89m.png","tools","en","3c91a0d0-0ada-4e8b-8140-3c2c75cc84b6",[17,18,19,20,21],"Claude Code","Anthropic","source map","AI安全","源码泄露",11,"2026-04-03T01:18:34.353501+00:00","2026-04-03T01:18:34.333+00:00",{"tags":26,"relatedLang":35,"relatedPosts":39},[27,29,31,33],{"name":20,"slug":28},"ai安全",{"name":17,"slug":30},"claude-code",{"name":18,"slug":32},"anthropic",{"name":19,"slug":34},"source-map",{"id":15,"slug":36,"title":37,"language":38},"claude-code-leak-reveals-hidden-features-zh","Claude Code外洩後，程式碼庫露出什麼","zh",[40,46,52,58,64,70],{"id":41,"slug":42,"title":43,"cover_image":44,"image_url":44,"created_at":45,"category":13},"426e735b-aedc-45a9-bf1c-7e84ece9493e","codex-deepseek-v4-pro-moark-setup-en","Codex 接入 DeepSeek-V4-Pro，三步可用","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1782738173484-wn38.png","2026-06-29T13:02:25.248526+00:00",{"id":47,"slug":48,"title":49,"cover_image":50,"image_url":50,"created_at":51,"category":13},"3fb3a982-e726-4b72-af23-5fa3294d18bc","devin-ai-alternatives-real-workflows-en","Devin AI Alternatives That Fit Real Workflows","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1782732808399-w5eg.png","2026-06-29T11:32:58.823843+00:00",{"id":53,"slug":54,"title":55,"cover_image":56,"image_url":56,"created_at":57,"category":13},"2d074071-d7aa-454e-bdee-da0a52c0ea66","claude-code-turns-agent-setup-into-terminal-work-en","Claude Code turns agent setup into terminal work","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1782731910708-9ol7.png","2026-06-29T11:18:02.20016+00:00",{"id":59,"slug":60,"title":61,"cover_image":62,"image_url":62,"created_at":63,"category":13},"8008013b-982a-4d2d-879f-7010a7fe4c14","best-ai-coding-agent-2026-ranked-benchmarks-en","Best AI Coding Agent 2026, Ranked by Benchmarks","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1782730991658-n99x.png","2026-06-29T11:02:39.121798+00:00",{"id":65,"slug":66,"title":67,"cover_image":68,"image_url":68,"created_at":69,"category":13},"ab601a41-618a-4ce3-80a5-51be58465863","openclaw-bailian-qwen37-max-config-template-en","OpenClaw配置百炼Qwen3.7-Max接入模板","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1782715689491-easw.png","2026-06-29T06:47:44.970402+00:00",{"id":71,"slug":72,"title":73,"cover_image":74,"image_url":74,"created_at":75,"category":13},"c93a893b-79b9-4a7c-b1ad-474ad3aaf94a","mistral-ocr-4-citation-ready-structured-output-en","Mistral OCR 4 turns scans into citation-ready data","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1782702193433-o2ts.png","2026-06-29T03:02:47.761739+00:00",[77,82,87,92,97,102,107,112,117,122],{"id":78,"slug":79,"title":80,"created_at":81},"8008f1a9-7a00-4bad-88c9-3eedc9c6b4b1","surepath-ai-mcp-policy-controls-en","SurePath AI's New MCP Policy Controls Enhance AI Security","2026-03-26T01:26:52.222015+00:00",{"id":83,"slug":84,"title":85,"created_at":86},"27e39a8f-b65d-4f7b-a875-859e2b210156","mcp-standard-ai-tools-2026-en","MCP Standard in 2026: Integrating AI Tools","2026-03-26T01:27:43.127519+00:00",{"id":88,"slug":89,"title":90,"created_at":91},"165f9a19-c92d-46ba-b3f0-7125f662921d","rag-2026-transforming-enterprise-ai-en","How RAG in 2026 is Transforming Enterprise AI","2026-03-26T01:28:11.485236+00:00",{"id":93,"slug":94,"title":95,"created_at":96},"6a2a8e6e-b956-49d8-be12-cc47bdc132b2","mastering-ai-prompts-2026-guide-en","Mastering AI Prompts: A 2026 Guide for Developers","2026-03-26T01:29:07.835148+00:00",{"id":98,"slug":99,"title":100,"created_at":101},"3ab2c67e-4664-4c67-a013-687a2f605814","garry-tan-open-sources-claude-code-toolkit-en","Garry Tan Open-Sources a Claude Code Toolkit","2026-03-26T08:26:20.245934+00:00",{"id":103,"slug":104,"title":105,"created_at":106},"66a7cbf8-7e76-41d4-9bbf-eaca9761bf69","github-ai-projects-to-watch-in-2026-en","20 GitHub AI Projects to Watch in 2026","2026-03-26T08:28:09.752027+00:00",{"id":108,"slug":109,"title":110,"created_at":111},"9f332fda-eace-448a-a292-2283951eee71","practical-github-guide-learning-ml-2026-en","A Practical GitHub Guide to Learning ML in 2026","2026-03-27T01:16:50.125678+00:00",{"id":113,"slug":114,"title":115,"created_at":116},"1b1f637d-0f4d-42bd-974b-07b53829144d","aiml-2026-student-ai-ml-lab-repo-review-en","AIML-2026 Is a Bare-Bones Student Lab Repo","2026-03-27T01:21:51.661231+00:00",{"id":118,"slug":119,"title":120,"created_at":121},"6d1bf3f6-e191-4d30-b55b-8a0722fa6afe","ai-trending-github-repos-and-research-feeds-en","AI Trending Tracks Repos and Research Feeds","2026-03-27T01:31:35.709532+00:00",{"id":123,"slug":124,"title":125,"created_at":126},"010539a1-4c3a-4bd3-937a-26616422ee0d","awesome-ai-for-science-research-tools-map-en","Awesome AI for Science Is Becoming a Real Research Map","2026-03-27T01:46:50.89513+00:00"]