AI developer Anthropic has come under fresh scrutiny after two accidental exposures of sensitive internal data within a single week. The incidents contrast with the company’s carefully cultivated reputation as a cautious and responsible AI developer.

The first issue emerged when nearly 3,000 internal files were inadvertently made public. Among the documents was a draft blog post describing a new model the company had not yet officially announced.

A second and more significant leak occurred when Anthropic released version 2.1.88 of its coding tool, Claude Code. The update unintentionally included a file exposing roughly 2,000 source files—more than 512,000 lines—revealing the architecture behind the software.

Security researcher Chaofan Shou discovered the exposure and quickly shared the finding on X, drawing attention from developers and cybersecurity analysts worldwide. The discovery intensified discussion about security practices within leading AI firms.

Anthropic responded by calling the incident a release packaging error caused by human oversight rather than a breach. Despite this explanation, the scale of the exposed code raised concerns about internal safeguards.

Claude Code is a key command-line tool that enables developers to write and edit software using Anthropic’s AI capabilities. Its growing popularity has reportedly caught the attention of competitors such as OpenAI.

Although the leak did not expose the AI model itself, it revealed the surrounding software infrastructure that determines how the system operates. Developers who examined the files described it as a full platform, not just a wrapper around an API.

The long-term impact of the incident remains uncertain, but it highlights the challenges even advanced AI companies face in managing sensitive technology and maintaining strong internal controls.