Anthropic blames human error for 512,000-line Claude Code leak; Boris Cherny calls for more automation- Moneycontrol.com
Company to boost automation to avoid future deployment errors
Anthropic has attributed the recent leak of its Claude Code internal source to a manual deployment error, with creator Boris Cherny stating that a missed step in the release process led to the exposure of over 512,000 lines of code.
According to Cherny, the incident was not the result of a security breach but a breakdown in internal processes. The deployment pipeline included manual steps, and one of these was not completed correctly, leading to the unintended release of around 1,900 files.
He emphasised that such incidents should be viewed as systemic failures rather than individual mistakes. No employees were dismissed following the incident, with the company focusing on process improvements instead.
What the leaked code revealed
Developers who accessed the leaked repository identified references to unreleased models, including codenames such as "Capybara" and "Tengu." There were also mentions of future model versions, including Opus 4.7 and Sonnet 4.8.
The codebase contained experimental features, including a Tamagotchi-style assistant that reacts to user input and a background agent system referred to as "KAIROS." Additionally, an internal dashboard tracking user frustration through language signals was identified.
Proposed fix: More automation
Cherny has proposed increasing automation in the deployment process as a solution. His approach involves reducing reliance on manual steps and using Claude itself to validate deployments.
This position aligns with his earlier comments suggesting that coding tasks are increasingly automated and that the role of software engineers may evolve significantly.
This marks the second instance of internal exposure at Anthropic in a short period, following the discovery of draft materials related to an upcoming model on a public system.
The latest incident has triggered discussions within the developer community around deployment practices, process reliability, and the role of automation in reducing operational risk.