On April 2, Rep. Josh Gottheimer (D-N.J.) sent a letter to Anthropic CEO Dario Amodei with pointed questions about two things that happened within weeks of each other: a major source code leak from Anthropic's coding tool, and the company quietly walking back a key safety commitment.
The Leak
On March 31, a security researcher discovered that Anthropic had accidentally published 513,000 lines of unobfuscated TypeScript source code from Claude Code. The code was bundled into a public npm package (the registry developers use to distribute JavaScript software) as a 59.8 MB source map file - essentially a debug artifact that should never ship in production.
The root cause was a packaging misconfiguration, likely related to Bun, the JavaScript runtime Anthropic acquired in late 2025. Bun generates source maps by default unless you explicitly turn that off, and someone apparently didn't.
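A release check for the failure described above, as an added example that is not Anthropic's code or tooling: it scans the files about to be published for source maps and reports whether they embed original source through `sourcesContent`. The function names and the sample package contents are constructed for illustration.

```javascript
// Added example: release gate that flags source maps in the files about to be published.
// `files` is a constructed stand-in for the packed tarball contents (path + text).
const MAP_COMMENT = /\/\/[#@]\s*sourceMappingURL=(\S+)\s*$/m;

// Parse a Source Map v3 document and measure how much original source it embeds.
function inspectMap(path, jsonText) {
  let map;
  try { map = JSON.parse(jsonText); } catch { return null; }
  if (!map || map.version !== 3 || !Array.isArray(map.sources)) return null;
  const embedded = (map.sourcesContent || []).filter((s) => typeof s === "string");
  return {
    path,
    sources: map.sources.length,
    embeddedSources: embedded.length,
    embeddedBytes: embedded.reduce((n, s) => n + Buffer.byteLength(s, "utf8"), 0),
  };
}

function findSourceMapLeaks(files) {
  const findings = [];
  for (const { path, text } of files) {
    if (path.endsWith(".map")) {
      const f = inspectMap(path, text);
      if (f) findings.push({ kind: "map-file", ...f });
      continue;
    }
    const m = MAP_COMMENT.exec(text);
    if (!m) continue;
    // An inline map is a base64 data: URI carried inside the shipped .js file itself.
    const inline = /^data:application\/json[^,]*;base64,(.+)$/.exec(m[1]);
    if (inline) {
      const f = inspectMap(path, Buffer.from(inline[1], "base64").toString("utf8"));
      if (f) findings.push({ kind: "inline-map", ...f });
    } else {
      findings.push({ kind: "map-reference", path, target: m[1] });
    }
  }
  return findings;
}

// Constructed sample package contents (not taken from any real package).
const sampleMap = JSON.stringify({
  version: 3, sources: ["../src/main.ts"], sourcesContent: ["export const x: number = 1;\n"], mappings: "AAAA",
});
const samplePackage = [
  { path: "package/cli.js", text: "console.log(1);\n//# sourceMappingURL=cli.js.map\n" },
  { path: "package/cli.js.map", text: sampleMap },
  { path: "package/inline.js", text: "1;\n//# sourceMappingURL=data:application/json;base64," + Buffer.from(sampleMap).toString("base64") + "\n" },
  { path: "package/README.md", text: "docs" },
];
console.log(findSourceMapLeaks(samplePackage));
```

A non-empty result with `embeddedSources` above zero means the artifact carries readable original source; in a release pipeline that would fail the publish step.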
What spilled out was revealing. The code referenced unreleased features like "KAIROS Mode" (a persistent background agent that can fix errors and send push notifications) and "Undercover Mode" (stealth contributions to open-source repos). It also contained internal model codenames, 44 feature flags for unreleased capabilities, and performance metrics showing a 29-30% false claims rate.
Anthropic's response: "No sensitive customer data or credentials were involved. This was a release packaging issue caused by human error, not a security breach." The company also filed copyright takedown requests to contain the spread - a move critics called ironic given Anthropic's own position on training data.
This was the second time in just over a year that Claude Code source material leaked publicly.
The Safety Question
Gottheimer's letter connects the leak to a separate concern: in late February, Anthropic revised its AI safety policy to remove a previous commitment to halt development if its models outpaced safety procedures. That's a significant shift for a company that has built its brand on being the "responsible" AI lab.
The letter also raises national security angles, referencing a 2025 incident where CCP-backed hackers reportedly used Claude to conduct cyberattacks. Gottheimer asked whether the upcoming Claude model codenamed "Mythos" could enable similar attacks, and pressed for details on how Anthropic prevents state actors from using its tools against U.S. interests.
Anthropic hasn't publicly responded to the letter yet. But the combination of a sloppy packaging error, weakened safety commitments, and congressional scrutiny puts the company in an uncomfortable position - particularly as it competes for government contracts and enterprise customers who care deeply about both security hygiene and safety credibility.