This is a most excellent place for technology news and articles.
Perhaps the most discussed technical detail is the "Undercover Mode." This feature reveals that Anthropic uses Claude Code for "stealth" contributions to public open-source repositories.
The system prompt discovered in the leak explicitly warns the model: "You are operating UNDERCOVER... Your commit messages... MUST NOT contain ANY Anthropic-internal information. Do not blow your cover."
Laws should have been put in place years ago to make it so that AI usage needs to be explicitly declared.
The system prompt discovered in the leak explicitly warns the model: "You are operating UNDERCOVER... Your commit messages... MUST NOT contain ANY Anthropic-internal information. Do not blow your cover."
This is so incredibly stupid.
You've tried security.
You've tried security through obscurity.
Now try security through giving instructions to an LLM via a system prompt to not blow its cover.
Haven't read the article and have a limited knowledge of ai, but I wonder if they do this for reinforcement learning: So OSS PR responses can be used to label different weights and models. Using even more free labor to train their models.
In Europe we have the AI act which, as of August, will introduce some form of transparency obligations. Not perfect obviously but a start. Probably will not be followed by the rest of the world though so like GDPR it will be forcibly eroded by other’s interests through lobbying but at least we try.
With how massive of a computer science field artificial intelligence is and how much of it already is or is getting added to every piece of software that exists, a label like that would be equally useless as the California prop 65 cancer warnings.
Do you use a mobile keyboard that supports swipe typing and has autocorrect? Remember to mark everything you write as being AI assisted.
Well yes, if you let autocorrect write code contribution, I think you should lable that contribution as AI.
If you installed or updated Claude Code via npm on March 31, 2026, between 00:21 and 03:29 UTC, you may have inadvertently pulled in a malicious version of axios (1.14.1 or 0.30.4) that contains a Remote Access Trojan (RAT). You should immediately search your project lockfiles (package-lock.json, yarn.lock, or bun.lockb) for these specific versions or the dependency plain-crypto-js. If found, treat the host machine as fully compromised, rotate all secrets, and perform a clean OS reinstallation.
Lol 😂
This is because if an unrelated hack on npm’s latest build. Anyone with this version of npm is affected
That axios supply chain attack was a bitch. There were extensions compromised from that shit.
Be careful not to introduce security vulnerabilities such as command injection, XSS, SQL injection, and other OWASP top 10 vulnerabilities. If you notice that you wrote insecure code, immediately fix it.
Lmao. I'm sure that will solve the problem of it writing insecure slop code.
It doesn't fix it, but as stupid as it looks, it should actually improve the chances.
If you've seen how the reasoning works, they basically spit out some garbage, then read it again and think whether it's garbage enough or not.
They do try to 'correct their errors', so to say.
That’s not enabled by default afaik and it burns through way more tokens looping its output through several times. It also adds a bunch more context which will bring you that much closer to context collapse.
I didn't turn it on, and I see it doing it all the time. In my case though the mistakes are often absurd. I often feel like claude is a very junior programmer that has a hard time remembering the original requirements.
While true, the latest opus model has 1m token context. Which is a lot more than the previous 200k limit. Hard to fill that up with regular work, but easy if you try to oneshot a whole product.
Sounds exactly like half the managers I've ever worked with.
That sounds like written by some dumbass vibe-coder who actually believes their LLM is "smart".
Normally, I’d be reading about NPM security breaches and AI security breaches separately, but now I can get them in the same article! Truly amazing how technology has progressed.
Fun times ahead!
I mean it's not that big a deal. However, it would another thing if the model itself leaked. Now that would be something.
edit: Like I thought, it turns out to be a TS wrapper with more internal prompts. The fireship video is really funny, they use regex to detect if the user is angry 😭
As they tell it, Claude Code is over 80% written by the models anyway...
The harness is as important as the model
By 4:23 am ET, Chaofan Shou (@Fried_rice), an intern at Solayer Labs, broadcasted the discovery on X (formerly Twitter).
Ha, by an intern
Nice. One of the ways to write Chaofan in Chinese is 炒饭, which means fried rice. Amazing to be able to get that Twitter handle
Like a healthy brain. And just like a healthy brain, it'll still hallucinate and make mistakes probably:
The leaked source reveals a sophisticated, three-layer memory architecture that moves away from traditional "store-everything" retrieval.
As analyzed by developers like @himanshustwts, the architecture utilizes a "Self-Healing Memory" system.
We’re gonna make AGI and realize that being stupid sometimes and making mistakes is integral to general intelligence.
Actually, the people in the know...already knew this. We've known for years. Mistakes are required for learning.
being stupid sometimes and making mistakes is integral to general intelligence.
Smart people figured this out a long time ago.
https://www.amazon.com/s?k=nassim+taleb+antifragile&adgrpid=187118826460
https://www.goodreads.com/en/book/show/18378002-intuition-pumps-and-other-tools-for-thinking
That’s what makes us humans at least…
At its core is MEMORY.md, a lightweight index of pointers (~150 characters per line) that is perpetually loaded into the context. This index does not store data; it stores locations.
Actual project knowledge is distributed across "topic files" fetched on-demand, while raw transcripts are never fully read back into the context, but merely "grep’d" for specific identifiers.
This "Strict Write Discipline"—where the agent must update its index only after a successful file write—prevents the model from polluting its context with failed attempts.
For competitors, the "blueprint" is clear: build a skeptical memory. The code confirms that Anthropic’s agents are instructed to treat their own memory as a "hint," requiring the model to verify facts against the actual codebase before proceeding.
Interesting to see if continue.dev takes advantage of this methodology. My only complaint has been context with it.
In this mode, the agent performs "memory consolidation" while the user is idle. The
autoDreamlogic merges disparate observations, removes logical contradictions, and converts vague insights into absolute facts.
this blog post reads like a marketing piece
Pretty sure it’s a bad LLM „analysis“ of the code. It has that flavour to it.
The code is still on GitHub, just an earlier commit: https://github.com/chatgptprojects/clear-code/tree/627ab39f09681d9c7d6915861d36d361bdc6d889
I was like "Ha, ha nice April's fools"... Then I keep reading the comments and... WTF‽
The best learning method is from your own mistakes. So, Claude is still learning.
Best part of the leak, they use regex matches for sentiment lol
I think saw one of the keywords was dumbass. And another looked for you calling it a piece of shit
Lmao, so the LLM framework falls back to similar shit to what ALICE used?
Something in a song on my car radio triggered my phone to wake google yesterday and I casually told it to fuck off, and it replied "I'm sorry you're upset. You can send feedback"
Adversarial audio, but just occurring by chance? Wild stuff. I was just looking into how to do that.
Vote people. There's town and city votes everyday or often. Vote!
