Independent research on Claude Code internals.
| Directory | What | Source | Count |
|---|---|---|---|
source-code-analysis/ |
Full architecture reverse-engineering | Leaked TypeScript source (v2.1.88) | 75 reports |
reports/ |
Problem-oriented investigations (cache, cost, injection) | Minified npm bundle (cli.js) |
8 reports |
Looking for the source code analysis? Go to
source-code-analysis/. Looking for specific bug/cost investigations? Go toreports/.
On 2026-03-31, the full source code of Claude Code was exposed via a sourcemap file in the npm registry (discovered by Chaofan Shou, archived by Kuberwastaken and sanbuphy).
We performed a 10-domain, 75-report analysis — the most thorough publicly available breakdown of how a production AI coding agent works.
Interactive viewer — open source-code-analysis/index.html in your browser (all 75 reports are embedded, no server needed).
| Domain | Reports | Highlights |
|---|---|---|
| Harness Engineering ⭐ | 7 | Agent Loop reverse-engineering, 12 transferable harness design principles |
| System Prompt ⭐ | 6 | Complete 13-section prompt with dynamic assembly logic, 17 prompt engineering patterns |
| Cost & Quota ⭐ | 8 | Cost envelope, prompt cache break detection (12 causes), Haiku→Opus 37.5x cost gap |
| Tool Definitions | 8 | All 36 tool prompts, read/write concurrency separation, ant vs public prompt variants |
| Agent Architecture | 7 | 6 built-in agents, Coordinator mode, Swarm multi-agent, 50-message cap (from 36.8GB incident) |
| Security | 8 | 7-layer defense-in-depth, 23 Bash validators, Parser Differential threat model |
| Skills System | 5 | 16 bundled skills, 12 design patterns + 5 anti-patterns |
| Memory & Context | 9 | 6 memory subsystems, AutoDream consolidation, Team Memory dual-layer security |
| API & Models | 7 | 17 beta headers, 4 providers, model selection 5-layer priority |
| Hidden Features | 10 | 82 feature flags, KAIROS proactive mode, Buddy AI pet, UltraPlan, anti-distillation |
Problem-oriented investigations based on reverse engineering the minified cli.js from npm. Each includes English and Chinese versions.
| # | Topic | TL;DR |
|---|---|---|
| 1 | Agent SDK Cache Invalidation | SDK query() costs 3–10x more than CLI — process-per-call kills prompt cache |
| 2 | System-Reminder Injection | 15+ hidden injection types, 4 root-cause bugs |
| 3 | Prompt Cache Architecture | Static/dynamic zone split, sliding window, byte-prefix matching |
| 4 | Tool Serialization & Cache Stability | Zero .sort() on tools, deferred loading busts cache mid-conversation |
| 5 | Context Lifecycle Management | 5 threshold constants, 10-step compaction flow, chain reactions |
| 6 | Production Cache Optimization | 3 concrete cli.js patches + monitoring strategies |
| 7 | Cache Invalidation Verification | defer_loading excludes deferred tools from cache prefix entirely |
| 8 | Auto Mode Classifier Cost | Hidden Opus-level call before every side-effecting tool use |
- CLI Reverse Engineering Guide — search patterns & function locators for minified cli.js
- Analysis Plan — methodology for the 10-phase source code analysis
The analysis is based on the full TypeScript source of Claude Code v2.1.88. The source code itself is not included in this repo.
- chatgptprojects/claude-code — full source code
- Kuberwastaken/claude-code — source code breakdown & analysis
- sanbuphy/claude-code-source-code — source code archive
| Scope | Version |
|---|---|
| Source Code Analysis | v2.1.88 (sourcemap leak, 2026-03-31) |
| Behavioral Reports #1–2 | v2.1.71 |
| Behavioral Reports #3–6 | Agent SDK v0.2.76 (build 2026-03-14) |
| Behavioral Reports #7–8 | v2.1.85 / v2.1.88 |
CabLate, "Claude Code Research," GitHub, 2026.
https://github.com/cablate/claude-code-research
This is independent research, not affiliated with or endorsed by Anthropic. Behavioral reports analyze publicly distributed npm packages. Source code analysis is based on code exposed through npm registry sourcemaps.