Leaked Claude Code Reveals KAIROS System and the Verification Gap in AI Agents

What the Leak Revealed

Anthropic accidentally shipped a source map in their npm package, exposing the entire Claude Code codebase. The leak contains 512K lines of TypeScript, 44 feature flags, and a hidden system called KAIROS.

KAIROS is described as an always-on background agent that performs several functions while the user is idle:

• Consolidates memory
• Merges observations
• Removes contradictions
• Prepares context so it's clean when the user returns

The Independent Development Experience

A solo developer building a 668K-line TypeScript platform with Claude Code encountered the same limitations that KAIROS addresses. They run autonomous campaigns spanning multiple sessions with persistent state files that carry context across context window boundaries.

The problem: campaigns stall between sessions. When finishing a phase and returning later, developers must manually restart, re-read campaign files, and figure out where things left off because the agent's memory dies with the session.

The solution they built: a daemon that chains sessions via scheduled triggers. One session finishes, writes state, exits with code 0 ("no errors"), and the daemon detects the exit to spawn the next session with full context. This reduced campaigns that took a week of manual restarts to complete in one stretch.

The Verification Problem

The developer discovered that exit code 0 means "no errors" but doesn't mean "it works." In their first night running the daemon, an agent shipped an invisible feature—a full campaign completed with clean typechecking, zero warnings, and confident exit, but 37 of 38 entities were missing in the actual application.

In another instance, a fleet session replaced 6 working components in parallel, resulting in components showing "Running NaN" with no timeline or vitals. The agents never rendered what they built—they only checked that it compiled and moved on.

The Verification Layer Solution

The developer realized that "the daemon alone is a faster way to ship broken code." They built a verification layer that forces agents to prove their work visually:

• Navigate real routes in a real browser
• Count DOM elements
• Capture screenshots
• If a view that should have 38 entity cards has zero, the system catches it
• If an agent modified UI files, it cannot complete without screenshot artifacts

This is implemented as a hard gate, not a suggestion.

The Fundamental Gap

KAIROS solves the memory problem but doesn't solve the verification problem. While it merges observations, removes contradictions, and converts vague insights into concrete facts, neither memory consolidation nor daemon mode addresses the fundamental gap: agents can't verify their own work visually. They can prove structure but cannot prove appearance.

The developer notes that the convergence between Anthropic's KAIROS and their independent solution indicates a real ceiling: once sessions are long enough and campaigns span days, persistent background execution becomes inevitable. However, "the daemon is the easy part. Anyone can chain sessions. The hard part is building the infrastructure that catches failures the daemon will confidently ship."

Key Takeaway

If you're building any form of autonomous agent execution, ask one question before shipping: can my agent prove that what it built actually works? If the answer is "it compiled," you're likely to encounter the same issues. The developer's 27 documented postmortems taught them that "the daemon is a force multiplier. Without a quality layer, it multiplies your failures."

The daemon, verification layer, and campaign persistence system are open-source at github.com/SethGammon/Citadel.