Independent research reports on Claude Code v2.1.88, focused on architecture, agent behavior, permission design, prompt assembly, MCP integration, and context management.
This repository is intentionally documentation-only. It collects original analysis and commentary about a publicly distributed software package. It is not presented as a runnable source release or supported CLI build.
Language: English | δΈζ | ζ₯ζ¬θͺ | νκ΅μ΄ | EspaΓ±ol
Claude Code is one of the most sophisticated production AI coding agents available today. These reports aim to make its architecture and behavior easier to study:
- Agent developers can study production patterns for tool orchestration, context management, and recovery logic.
- Security researchers can inspect telemetry, remote control mechanisms, and permission boundaries.
- AI researchers can examine prompt assembly, model routing, and agent loop design.
- Engineers can use the reports as references when building CLI-based agent systems.
These reports are based on technical analysis of a publicly distributed npm package and are presented here as research commentary.
This repository is designed to answer a fairly specific set of questions about Claude Code:
- How is Claude Code architected internally?
- How does the main agent loop actually work?
- How are tools registered, validated, permission-checked, and executed?
- How is the system prompt assembled from static and dynamic parts?
- What telemetry and privacy-relevant data paths exist?
- How does the permission model work in practice?
- How does Claude Code integrate with MCP servers and external tools?
- How does it manage context pressure, compaction, and session persistence?
- What hidden features, internal codenames, and remote control mechanisms exist in the codebase?
If someone lands here searching for Claude Code internals, Claude Code architecture, Claude Code source analysis, Claude Code system prompts, Claude Code telemetry, or Claude Code MCP integration, this repository is meant to be a useful entry point.
| # | Report | What You'll Learn | Link |
|---|---|---|---|
| 13 | Architecture Overview | A system-level synthesis of how Claude Code fits together across prompt assembly, agent loop, tools, permissions, compaction, persistence, and MCP | Read β |
| 14 | BashTool Security & Execution | How Claude Code validates shell input, classifies read-only commands, routes sandboxed execution, and turns Bash into a controllable tool surface | Read β |
| 15 | Memory & Instruction System | How CLAUDE.md, MEMORY.md, session memory, and instruction layering shape long-session behavior and prompt continuity | Read β |
| 16 | Transcripts, Compaction & Resume | How transcript chains, sidechains, compact boundaries, resume, and session continuity work under the hood | Read β |
| 06 | Agent Loop Deep Dive | The 785KB query.ts dissected β message flow, streaming tool execution, auto-compaction, error recovery, sub-agent spawning |
Read β |
| 07 | Tool System Architecture | How 40+ tools are registered, validated, permission-checked, and executed in parallel. The buildTool factory pattern. |
Read β |
| 08 | Permission & Security Model | Allowlists, blocklists, auto-approve rules, YOLO mode, sandbox integration, and the permission decision tree | Read β |
| 09 | System Prompt Engineering | How the 15,000+ token system prompt is assembled from 20+ parts β context injection, tool descriptions, memory, and dynamic rules | Read β |
| 10 | MCP Integration & Plugin System | Model Context Protocol client implementation β server lifecycle, tool discovery, OAuth, and transport layers | Read β |
| 11 | Context Window Management | Auto-compaction, conversation compression, token counting, and how Claude Code fights the context limit | Read β |
| 12 | State Management & Persistence | Session state, conversation history, memory system, file persistence, and cross-session data flow | Read β |
| 17 | Bridge System & Remote Sessions | How Claude Desktop talks to the CLI β session lifecycle, JWT auth, work secrets, multi-session coordination, capacity management | Read β |
| 18 | React/Ink Terminal UI | Using React to render a TUI β Yoga layout, custom components, event system, streaming output, performance optimization | Read β |
| 19 | Streaming & Transport Layers | WebSocket/SSE/HTTP hybrid transport, batch uploading, backpressure, NDJSON protocol, reconnection logic | Read β |
| 20 | Slash Commands & Cost Tracking | 80+ command registry, fuzzy search, feature-gated commands, token-to-USD cost tracking, billing integration | Read β |
| # | Report | What You'll Learn | Link |
|---|---|---|---|
| 01 | Telemetry & Data Collection | Dual analytics pipeline, environment fingerprinting, what gets collected and how | Read β |
| 02 | Hidden Features & Codenames | Animal codenames, feature flags, and internal vs external build differences | Read β |
| 03 | Undercover Mode | How Anthropic employees can hide AI authorship signals in public repos | Read β |
| 04 | Remote Control & Killswitches | Server-side settings, blocking dialogs, GrowthBook flags, and emergency controls | Read β |
| 05 | Future Roadmap | KAIROS, Numbat, future model hints, unreleased tools, and roadmap clues | Read β |
- Architecture Overview
- Agent Loop Deep Dive
- Tool System Architecture
- Permission & Security Model
- BashTool Security
- System Prompt Engineering
- Memory & Instruction System
- Context Window Management
- State Management
- Transcripts, Compaction & Resume
- Bridge System & Remote Sessions
- React/Ink Terminal UI
- Streaming & Transport Layers
- Slash Commands & Cost Tracking
- MCP Integration
Read these if you care about unusual or hidden behavior
For a topic-based report index, see docs/en/README.md.
These figures refer to the analyzed Claude Code codebase snapshot, not to the contents of this documentation repository.
| Metric | Value |
|---|---|
| TypeScript Source Files | 1,884 |
| Total Lines of Code | 512,664 |
| Largest Single File | query.ts β 785KB |
| Built-in Tools | 40+ |
| Slash Commands | 80+ |
| npm Dependencies | 192 packages |
| Feature-Gated Modules | 108 |
| Runtime Model | Bun-built package targeting Node.js |
βββββββββββββββββββ
β User Input β
β (CLI / SDK / IDE)β
ββββββββββ¬βββββββββ
β
ββββββββββββββββΌβββββββββββββββ
β Entry Layer β
β β
β cli.tsx β main.tsx β REPL β
β ββ QueryEngine β
ββββββββββββββββ¬βββββββββββββββ
β
ββββββββββββββββββββββΌβββββββββββββββββββββ
β Query Engine Core β
β β
β βββββββββββββββββββββββββββββββββββ β
β β System Prompt Assembly β β
β β (15K+ tokens, 20+ parts) β β
β βββββββββββββββ¬ββββββββββββββββββββ β
β β β
β βββββββββββββββΌββββββββββββββββββββ β
β β Agent Loop (query.ts β 785KB) β β
β β β β
β β User msg β Claude API β Responseβ β
β β β β β β
β β β tool_use? βββ YES β β
β β β β β β
β β β Execute tools β β
β β β (parallel) β β
β β β β β β
β β ββββ tool_result ββββββ β β
β βββββββββββββββββββββββββββββββββββ β
β β
β βββββββββββββββββββββββββββββββββββ β
β β Harness Layer β β
β β β’ Permission checks β β
β β β’ Streaming & concurrency β β
β β β’ Auto-compaction β β
β β β’ Sub-agent management β β
β β β’ Cost tracking β β
β β β’ Error recovery β β
β β β’ MCP orchestration β β
β β β’ Telemetry & logging β β
β βββββββββββββββββββββββββββββββββββ β
ββββββββββββββββββββββ¬βββββββββββββββββββββ
β
βββββββββββββββββββββββββββΌββββββββββββββββββββββββββ
β Tool Layer (40+ tools) β
β β
β Read / Write / Edit / Bash / Glob / Grep / Agent β
β MCP tools / task tools / notebook tools / more β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββ
The following tree describes the analyzed source layout discussed throughout the reports:
src/
βββ main.tsx
βββ QueryEngine.ts
βββ query.ts
βββ Tool.ts
βββ Task.ts
βββ tools.ts
βββ commands.ts
βββ context.ts
βββ cost-tracker.ts
βββ setup.ts
βββ bridge/
βββ cli/
βββ commands/
βββ components/
βββ entrypoints/
βββ hooks/
βββ services/
βββ state/
βββ tasks/
βββ tools/
βββ types/
βββ utils/
βββ vendor/
This repository itself remains documentation-only:
docs/
βββ en/
βββ zh/
README.md
README_CN.md
README_JA.md
README_KO.md
README_ES.md
QUICKSTART.md
- Read reports directly from
docs/ - Share links to individual reports
- Treat this repository as a documentation archive, not a software distribution
See QUICKSTART.md for a minimal reading guide.
Claude Code, Anthropic, Claude Code source analysis, Claude Code architecture, Claude Code agent loop, Claude Code system prompts, Claude Code telemetry, Claude Code permission model, Claude Code MCP, Claude Code hidden features, Claude Code reverse engineering, AI coding agent architecture, Model Context Protocol, prompt engineering, context management, persistence, security research
This project constitutes research, commentary, and educational analysis of a publicly distributed software package (the npm package @anthropic-ai/claude-code).
The original reports in docs/ are the repository maintainer's own commentary and analysis. If you believe any content here infringes your rights, please open an issue for prompt review.