claw-code vs Claude Code: What's Actually Different?
claw-code is a Python rewrite of Claude Code's harness. This breakdown covers what's the same, what's missing, and when each makes sense for builders.
Waking up on the very first day of April, I expected to scroll through the usual memes. Instead, my feed was on fire — Anthropic had accidentally published the full source of Claude Code inside an npm package, and a developer in Korea had already rebuilt the core architecture from scratch and pushed it to GitHub. By the time I made coffee, the repo had crossed 30,000 stars.
That repo is claw-code. And if you’re trying to understand whether it’s actually usable, production-safe, or just an interesting artifact of one chaotic night — this breakdown is for you.
One-line positioning of each
Claude Code is Anthropic’s official terminal-native coding agent. It runs in your CLI or IDE, understands your entire codebase, handles git operations, runs tests, and is backed by Anthropic’s infrastructure and security team. It requires a Claude Pro or Max subscription (~$20/month).
claw-code is an open-source, clean-room rewrite of the Claude Code agent harness architecture, built in Python and Rust by developer Sigrid Jin in the hours following the latest source leak. It captures the architectural patterns of Claude Code without copying proprietary code. Free to use, self-hosted, and actively developed.
These are not direct competitors in the traditional sense. One is a polished, enterprise-supported product. The other is a community-driven architecture study that happens to actually run.
Core architecture comparison
Language and runtime
Claude Code’s leaked source was approximately 512,000 lines of TypeScript across 1,906 files — a massive, battle-tested codebase shipping as an npm package. It runs on Node.js, integrates directly into VS Code and JetBrains via extensions, and streams responses via SSE.
claw-code is built with a Python + Rust hybrid. According to the project’s own architecture docs, Rust currently comprises 72.9% of the codebase (performance-critical paths, a zero-dependency JSON parser, OAuth PKCE flow, terminal rendering) while Python handles agent orchestration and LLM integration at 27.1%. There’s an active dev/rust branch targeting a fully memory-safe runtime.
The practical difference: Claude Code is stable, battle-tested, and runs with a single npm install. claw-code requires Python setup, is still in active development, and the Rust migration isn’t merged to main yet.
# Claude Code install — one command, done
npm install -g @anthropic-ai/claude-code
# claw-code — clone, configure, run
git clone https://github.com/instructkr/claw-code
cd claw-code
pip install -r requirements.txt
python src/main.pyMulti-agent orchestration support
This is one of the more fascinating parts of the leak. Claude Code’s internal architecture includes a “swarm” system for spawning sub-agents that parallelize complex engineering tasks — each running in isolated contexts with shared memory access. The Model Context Protocol specification provides the underlying standard for how these tool-calling interactions are structured.
claw-code documents and reimplements this via its Agent tool — a sub-agent spawner that decomposes large tasks into independently executable subtasks. Whether the coordination quality matches Claude Code’s production tuning is still untested at scale, but the architectural pattern is there.
MCP and tool integration
Both tools support the Model Context Protocol. claw-code’s implementation documents six transport types: Stdio, SSE, HTTP, WebSocket, SDK, and ClaudeAiProxy — with automatic name normalization, config hashing, and OAuth authentication. That’s actually a broader surface area on paper than many developers expect from a community rewrite.
Claude Code’s MCP support is more mature and better-documented at Claude Code Docs website, with official integrations tested against real server implementations. For production MCP workflows, that matters.
Permission and sandboxing model
Claude Code runs with explicit, granular permission controls. When it needs file access or shell execution, it asks. Anthropic maintains dedicated security infrastructure, conducts regular audits, and manages the trust boundary between the agent and your system. The Remote Control feature added in early 2026 gives native mobile access without exposing inbound ports.
claw-code implements a permission context management layer (see permissions.py in the source tree) with 19 permission-gated tools. Each tool — file reading, Bash execution, Git operations, web scraping, LSP integration — has its own access controls. The architecture is sound. The question is how thoroughly it’s been audited.
It’s worth noting: a supply-chain attack on March 31, 2026 affected npm-based Claude Code installations during the leak window. claw-code itself was not affected, but the broader ecosystem warrants caution. The OWASP guide on software supply chain security is worth reviewing before deploying any third-party agent in production.
What claw-code has, what it’s still missing
Current feature parity status
What’s gated behind unreleased flags in the original
The source leak revealed 44 compiled feature flags in Claude Code’s codebase — of which 20 remain disabled for external users. That’s a substantial internal pipeline ahead of public releases. Three stand out:
KAIROS Mode: A continuously-running proactive assistant that observes your development environment and takes autonomous action without waiting for user input. Backed by an independent append-only log.
ULTRAPLAN Mode: Offloads complex architectural planning to a remote cloud container running an Opus-class model with up to 30 minutes of dedicated reasoning time and browser-based human approval workflows.
autoDream Service: A background memory consolidation engine — described internally as the system’s “dreaming” mechanism — that reorganizes learned patterns and prunes stale context during idle time.
None of these are implemented in claw-code yet. They represent the gap between what you can reverse-engineer and what takes months of production tuning to make reliable.
Decision matrix: when does each make sense?
Experimental use and architecture research
claw-code is genuinely interesting here. If you want to understand how a production-grade AI coding agent actually wires tools, manages runtime context, and orchestrates sub-agents — the codebase is readable, documented, and the GitHub repo includes a parity audit against the TypeScript source. For developers studying agentic systems design, this is valuable.
The Anthropic research blog on agent architectures provides useful context for understanding where the design choices in Claude Code came from.
Production-grade agentic workflows
Claude Code. Not because claw-code isn’t clever — it is — but because production workflows need stability, official security audits, consistent model quality, and support when things break at 2am. Claude Code’s error recovery across long sessions and its context retention are features that have been tuned against billions of real tokens.
Team evaluation criteria
Use this table honestly:
FAQ
Q: Is claw-code production-ready?
Not yet, in my honest assessment. The Python foundation is functional for scoped tasks, but the Rust rewrite is still in progress on a separate branch, the IDE integrations don’t exist, and the multi-agent orchestration hasn’t been battle-tested at scale. It’s moving fast — 48k stars in days means a lot of contributors — but “interesting architecture” and “production-ready” are different bars.
Q: Does claw-code support MCP servers?
Yes, on paper. The project documents six transport types including Stdio, SSE, HTTP, and WebSocket. In practice, the implementation is newer and less tested than Claude Code’s. If MCP server stability matters to your workflow, Claude Code is safer for now. Check the MCP specification to understand what full compliance actually requires.
Q: Can claw-code connect to non-Anthropic model providers?
Yes — this is one of its genuine advantages. claw-code is designed with a provider-agnostic LLM abstraction layer, meaning you can point it at OpenAI, Gemini, or local models via Ollama. Claude Code is locked to Anthropic’s models. If model flexibility matters (and it increasingly does as the landscape shifts), claw-code has a structural edge here.
Q: What happens if Anthropic takes further legal action against claw-code?
The project is designed as a clean-room rewrite — no proprietary code was copied, only architectural patterns were studied and independently reimplemented. That’s the same legal approach used successfully by projects like Wine and ReactOS. That said, Anthropic hasn’t issued any public legal action against the instructkr repo as of this writing. The project’s maintainer is explicit about the clean-room methodology in the README.
Q: Is the Rust rewrite of claw-code any closer to production use?
The dev/rust branch is active, and the project’s own documentation says the 6-crate Rust workspace includes 16 runtime modules with performance-critical paths already implemented. But “active development” and “merge-ready” are different things. Based on current activity, I’d expect the Rust core to stabilize over the next few months — but don’t build a production pipeline on that timeline assumption.
Previous Posts:
- Claude Sonnet 4.6: A “Non-Hogging the Spotlight” Work Model
- Claude Opus 4.6 and Sonnet 4.6: Everything You Need to Know
- Cursor vs Claude Code: Which AI Coding Tool Should You Choose in 2026?
- Claude vs Codex: Anthropic vs OpenAI in the AI Coding Agent Battle of 2026
- Claude Mythos (Opus 5) Leaked: What We Know So Far
Related Articles
Claude Code architecture Deep Dive: What the Leaked Source Reveals
Claude Mythos vs Claude Opus 4.6: What the Leak Reveals for Developers
Qwen3.5-Omni API Pricing, Limits, and Deployment Options (2026)
Qwen3.5-Omni vs GPT-4o vs Gemini 2.5 Pro: Omni Model Comparison
Claude Code Leaked Source: BUDDY, KAIROS & Every Hidden Feature Inside
