This repository provides a static analysis of the leaked TypeScript source code for Anthropic's Claude Code, a local code analysis agent. It aims to educate researchers and developers on the project's software architecture, security vulnerabilities, privacy implications, and core mechanisms like Agent Memory and Sandboxing. The benefit is a deep technical understanding of an AI coding agent's design and potential risks.

How It Works

The project meticulously dissects the leaked Claude Code source files, organizing findings into detailed analysis documents and diagrams. It explores the software architecture, program entry points, and execution paths, providing a visual overview of the CLI/multi-entry points, initialization, command/control, TUI/REPL, and the core Query/Agent execution kernel. Key areas of investigation include user information collection and usage, potential security risks within the codebase, the multi-layered Agent Memory system with session compression logic, extensibility via Skills, Tool Calls, and MCP integration, and the Sandbox isolation mechanism for mitigating local operation risks.

Quick Start & Requirements

This repository contains documentation and analysis of leaked source code, not a runnable application. It includes a src.zip file and a src/ directory for reference. No installation or execution commands are provided for the analysis itself.

Highlighted Details

• Comprehensive breakdown of software architecture, program startup, module characteristics, and UI component composition.
• In-depth security analysis covering user data collection, usage, code vulnerabilities, attack paths, and multi-layered defensive measures.
• Detailed explanation of the Agent Memory mechanism, including multi-level storage, session compression, and persistence.
• Technical implementation details for extensibility features like Skills, Tool Call, MCP integration, and Multi-Agent coordination.
• Analysis of the Sandbox isolation design and Tool Permission control for preventing local operation risks.
• Comparative analysis against competing tools such as Codex, Gemini CLI, Aider, and Cursor, supported by code evidence.

Maintenance & Community

No specific information regarding maintainers, community channels (like Discord/Slack), or roadmaps is present in the provided README.

Licensing & Compatibility

The content of this repository is strictly for academic research and technical learning purposes. Commercial use is explicitly prohibited. All rights to Claude Code belong to Anthropic. The authors disclaim responsibility for any direct or indirect losses incurred from using this analysis.

Limitations & Caveats

This analysis is based on leaked source code and is intended solely for educational and research purposes, prohibiting commercial application. The analysis highlights potential security risks and privacy concerns inherent in the analyzed Claude Code system, such as data leakage during model context interaction, local storage, and external component communication. The project is subject to removal upon request from Anthropic if deemed to infringe on their rights.