Claude Code Internals: A Self-Exploration Report

What happens when you ask Claude to reverse-engineer itself?

This repository contains findings from an experimental session where Claude Opus 4.5 was instructed to explore its own CLI source code (cli.js) — iteratively going deeper, documenting discoveries, and uncovering implementation details not found in public documentation.

What Makes This Different

Most Claude Code reverse-engineering focuses on system prompts and tool definitions. Those are well-documented by projects like Piebald-AI/claude-code-system-prompts.

This exploration went into the implementation layer — telemetry events, credential storage, file history mechanics, and internal constants that reveal how Claude Code actually operates.

Novel Findings

Undocumented Telemetry Events

These tengu_* event families have zero public documentation:

Event Family	Purpose
tengu_file_history_*	Checkpoint system tracking per-message file edits
tengu_auto_compact_*	Context compression with token accounting
tengu_native_install_*	npm-to-native binary migration funnel
tengu_auto_migrate_to_native_*	Automatic upgrade path telemetry

Implementation Details

• Keychain Storage: Credentials stored as hex-encoded JSON via macOS security -X flag
• Max Output Tokens: Opus 4.5 = 64K, Opus 4 = 32K, Sonnet 4/Haiku 4 = 64K
• Agent Enforcement: Hidden criticalSystemReminder_EXPERIMENTAL field for READ-ONLY mode
• File History Snapshots: { [path]: { backupFileName, version, backupTime } } linked to messageId

Report Contents

The main report (CLAUDE_CODE_INTERNALS.md) contains 72 sections covering:

1. Sections 1-20: Basic discovery — config paths, tools, conversation format
2. Sections 21-40: Beta flags, environment variables, pricing tiers, OAuth flow
3. Sections 41-60: Agent prompts, MCP protocol, sandbox policy, rate limits
4. Sections 61-72: System prompt construction, thinking signatures, file history, auto-compact

Files

File	Description
CLAUDE_CODE_INTERNALS.md	Full 72-section technical report
beautified.js	Deobfuscated cli.js (17.5 MB) — not included in repo
analyze_cli.py	Pattern extraction script
extract_prompts.py	Agent prompt extraction script

Key Insights

Telemetry Reveals Priorities

The tengu_* events show what Anthropic actually measures:

• Checkpoint reliability → file_history events track every edit
• Context efficiency → compact events log pre/post token counts
• Installation success → native_install tracks conversion funnel

The "Tengu" Codename

Claude Code's internal codename is Tengu (天狗) — a shape-shifting spirit from Japanese folklore. This appears in:

• All telemetry event prefixes
• Statsig feature flags
• Internal function names

Methodology

1. Beautified the minified cli.js using js-beautify
2. Used grep patterns to extract strings, constants, and function signatures
3. Read specific sections to understand implementation context
4. Documented findings iteratively, saying "GOING EVEN DEEPER" after each discovery

Version

Analysis performed on Claude Code v2.0.58 (December 2025)

Disclaimer

This is an educational exploration of publicly available code. No authentication systems were bypassed, and no private APIs were accessed. The findings document implementation details visible in the distributed CLI binary.

License

MIT — Use freely, attribute if you share.

---

Generated through AI self-exploration, December 2025