The Claude Code Leak Changed the Threat Model. Here's How to Defend Your AI Agents.

Dev.to AI

IntentGuard - a policy enforcement layer for MCP tool calls and AI coding agents

The Leak That Rewrote the Attacker's Playbook

On March 31, 2026, 512,000 lines of Claude Code source were accidentally published via an npm source map. Within hours the code was mirrored across GitHub. What was already extractable from the minified bundle became instantly readable: the compaction pipeline, every bash-security regex, the permission short-circuit logic, and the exact MCP interface contract. The leak didn't create new vulnerability classes - it collapsed the cost of exploiting them.