Yggpaoloanzn/free-code
↗ GitHubThe free build of Claude Code. All telemetry removed, security-prompt guardrails stripped, all experimental features enabled.
3,360
Stars
1,205
Forks
35
Watchers
6
Open Issues
Safety Rating D
This repository presents multiple critical red flags. It explicitly describes itself as a tool for bypassing Anthropic's safety guardrails and system-prompt restrictions. It claims to be derived from proprietary source code obtained without authorization (via an alleged npm source map exposure), and its own license section acknowledges the code belongs to Anthropic. The curl-pipe-bash install pattern combined with the project's stated adversarial intent (removing safety controls, evading takedowns via IPFS) makes this repository unsafe to use or distribute. Even if the code itself does not contain traditional malware, the deliberate removal of AI safety controls and the legally questionable provenance of the source code constitute serious risks.
ℹAI-assisted review, not a professional security audit.
AI Analysis
A self-described fork of Anthropic's Claude Code CLI that claims to have removed telemetry, stripped system-prompt safety guardrails, and unlocked experimental feature flags. It purports to be based on source code allegedly exposed via a source map in Anthropic's npm distribution, and promotes itself as a 'free build' with all restrictions removed. The legitimacy of the source, the legal status, and the actual contents of the repository are highly questionable.
Use Cases
- AI-assisted terminal coding agent
- Running Claude or other LLM providers (Anthropic, OpenAI, AWS Bedrock, Google Vertex AI) via CLI
- Bypassing Anthropic's system-prompt safety guardrails
- Unlocking experimental/unreleased Claude Code features
Tags
Security Findings (5)
The README explicitly states that 'security-prompt guardrails' and 'hardcoded refusal patterns' have been stripped from the upstream Claude Code binary. This is a deliberate modification to remove AI safety restrictions, which is a significant red flag regardless of whether the underlying code is functional.
The install script uses a 'curl | bash' one-liner pattern (curl -fsSL https://raw.githubusercontent.com/.../install.sh | bash), which executes arbitrary remote code without verification. Combined with the project's stated goal of bypassing safety systems, this pattern is particularly risky.
The project claims to be built from source code 'publicly exposed through a source map in Anthropic's npm distribution,' which strongly implies the code is derived from proprietary, non-publicly-licensed software obtained without authorization. The license section effectively acknowledges this, stating the source 'is the property of Anthropic.' Distributing modified proprietary code stripped of safety features is a serious concern.
The repository includes an IPFS mirror specifically noted as a censorship-resistance mechanism ('If this repo gets taken down, the code lives on'), suggesting awareness that the repository may violate terms of service or legal restrictions and is designed to persist despite takedown attempts.
The README contains language that may be intended to normalize bypassing AI safety systems ('The model's own safety training still applies -- this just removes the extra layer of prompt-level restrictions'), which could be designed to reduce analyst or user skepticism about the safety implications.
Project Connections
GSD
GSD provides structured planning and multi-agent orchestration workflows that run on top of AI coding agents. free-code as an unrestricted Claude Code variant can serve as the execution runtime that GSD orchestrates through its slash-command workflow system.
GSD-2
→Both are autonomous coding agent CLIs targeting developers who want more control over AI coding workflows. GSD-2 uses the Pi SDK for programmatic session control with git worktree isolation; free-code claims to unlock experimental feature flags and remove telemetry from the Claude Code CLI itself.
bmalph
→bmalph supports multiple AI coding platforms including Claude Code, Codex, Cursor, and Aider. free-code as a Claude Code variant integrates directly into the BMAD planning phases and Ralph implementation loop that bmalph bundles into a unified CLI.