Gottheimer Presses Anthropic on Source Leak and Mythos Safety
Rep. Josh Gottheimer, a leading House Democrat on AI and cybersecurity, sent a letter to Anthropic demanding answers about the Claude Code source leak. The letter asks pointed questions about Claude’s capabilities, risks of malicious use, and susceptibility to attacks by foreign adversaries. Gottheimer specifically flagged last year’s CCP-backed hacking of Claude and raised concerns that the upcoming Mythos model could enable more sophisticated cyberattacks.
The congressional pressure comes as Anthropic’s tools become increasingly embedded in defense and intelligence operations. Gottheimer’s inquiry adds a Washington dimension to what started as a packaging error — and it arrives just as Anthropic prepares its IPO road show. Enterprise and government buyers tend to notice when Congress starts asking questions.
DMCA Takedown Scaled Back After Hitting 8,100 Repos
Anthropic’s copyright takedown effort caught far more than intended. The initial DMCA notice targeted roughly 8,100 GitHub repositories — including legitimate forks of Anthropic’s own public Claude Code repo that had nothing to do with the leaked source. Developers across the platform reported unexpected takedown notices, and the backlash was swift.
Boris Cherny, Anthropic’s head of Claude Code, acknowledged the overreach and said the takedown was scaled back to cover just one repository and 96 forks containing the actual leaked source. The incident adds another layer to an already messy week. The code has been mirrored so widely that enforcement is largely symbolic at this point.
Claude Haiku 3 Retiring April 19 — Migrate Now
Anthropic confirmed that claude-3-haiku-20240307 will stop accepting requests after April 19, 2026. If your production systems still use Haiku 3, you have just over two weeks to migrate. The recommended path is claude-haiku-4-5-20251001, which offers significantly better performance at comparable pricing.
This is the latest in Anthropic’s ongoing cleanup of older model versions. Claude 3 Haiku was originally launched in March 2024 as the fast, affordable option in the Claude 3 lineup. Two generations later, it’s time to sunset it. Check your API keys and automated pipelines — any hardcoded model strings pointing to the old version will start failing in 17 days.
Web Tools Now Generally Available — Free Code Execution
Anthropic’s web search tool and programmatic tool calling are now GA — no beta header required. The web fetch tool, which lets Claude retrieve full content from URLs and PDF documents, is also now available in beta. These were among the most-requested developer features over the past quarter.
The headline bonus: API code execution is now free when used alongside web search or web fetch. That’s a meaningful cost reduction for agents that combine web research with computation. Data residency controls are also live — use the inference_geo parameter to pin model inference to the US at 1.1x pricing for models released after February 1, 2026.
Tool Helpers Launch in Beta for Python and TypeScript SDKs
Anthropic shipped tool helpers in beta for both the Python and TypeScript SDKs. The new helpers simplify tool creation with type-safe input validation and include a tool runner for automated tool handling in conversations. If you’ve been manually parsing tool calls and validating inputs, this cuts the boilerplate significantly.
The tool runner handles the full loop: receiving a tool-use response, executing the tool, and passing results back to the model. Combined with the structured outputs GA from last week, building reliable tool-using agents just got meaningfully easier. Available now via pip install anthropic and npm install @anthropic-ai/sdk.
Claw-Code: Fastest-Growing Repo in GitHub History
Claw-code, a clean-room Rust and Python rewrite of the Claude Code agent architecture, hit 100,000 GitHub stars in a single day — making it the fastest-growing repository in GitHub history. Created by developer Sigrid Jin after the source leak, it started as a mirror and evolved into a complete rewrite that reimplements the agent harness, tool coordination, and permission model from scratch.
The repo reached 50,000 stars in roughly two hours after publication, surpassing even OpenClaw’s previous record. Anthropic’s enforcement efforts have been unable to contain the spread — the code was forked and redistributed faster than DMCA notices could land. For the open-source community, the leak has produced something Anthropic never intended: a fully open alternative to Claude Code’s architecture.
Claude Buddy: 18 Species, RPG Stats, and a 1% Shiny Rate
The Claude Code source leak revealed an April Fools surprise that Anthropic had been building quietly: Claude Buddy, a terminal Tamagotchi that lives inside Claude Code. Engineers designed 18 species — from duck and capybara to dragon and axolotl — each with unique ASCII art and personality traits. Every buddy has five RPG stats: Debugging, Patience, Chaos, Wisdom, and Snark, scored on a 0–100 scale.
The feature is tagged friend-2026-401 in the source, with a rollout window of April 1–7. There’s an independent 1% chance for any buddy to spawn as Shiny, complete with rainbow shimmer animations. A Shiny Legendary has a 0.01% probability — roughly 1 in 10,000. Not for business purposes. Just to make developers smile. It’s one of the more endearing things to come out of a security incident.
The Leak That Keeps on Leaking
Twenty-four hours after the Claude Code source leak, the fallout is still expanding. A congressman is asking questions. Claw-code has become the fastest-growing repo ever. Anthropic accidentally took down 8,000 repos that weren’t even involved. And the April Fools easter egg hidden in the leaked code is the most charming thing anyone found in there. Each new development makes the original packaging error feel a little more consequential.
The pattern is worth watching. A single .npmignore oversight cascaded into a congressional inquiry, a DMCA controversy, an open-source movement, and a PR headache — all within 48 hours. For Anthropic, the technical fix was trivial. The reputational and political cleanup is just getting started. And with an IPO on the horizon and Mythos in the wings, the margin for error keeps getting thinner. The safety-first company is learning that operational discipline is a form of safety too.