Reverse-engineered Claude Code SDK: single-file CLIs in 4 languages using Pro/Max subscription auth

SeifBenayed, a developer on GitHub, published an open-source SDK that reverse-engineers Anthropic's Claude Code CLI — a 190MB Bun-bundled binary — and rebuilds its core agent loop in four languages: Node.js, Python, Go, and Rust. Each implementation ships as a single file with no external dependencies.

The authentication work required mapping an undocumented contract Anthropic has never published. Reaching the subscription billing path involves an OAuth token pulled from the system credential store — the macOS keychain, or its equivalent on Linux and Windows — combined with beta headers specifying the claude-code and oauth protocol versions. On top of that: a hardcoded billing header embedded in the first system prompt block, and access headers flagging the request as originating from a CLI client. Miss any single element and the API returns a 400 or 401. SeifBenayed worked out this combination by decompiling the binary directly.

The SDK also ships an NDJSON bridge protocol. A parent process spawns the SDK as a subprocess and exchanges structured JSON over stdin and stdout — no package manager, no binary to ship. That design makes it workable in CI pipelines and agent-to-agent setups where dependency footprint matters. Tool calling covers the same five built-ins as the official CLI: Bash, Read, Write, Glob, and Grep, with multi-turn conversations and streaming handled across all four language ports.

The risk, though, is not hypothetical. OpenCode — a previous third-party Claude Code alternative — was banned by Anthropic after exploiting the same OAuth subscription path. <a href="/news/2026-03-15-openai-oauth-chatgpt-api-proxy">Similar OAuth-based exploits have appeared on other platforms</a>. Anthropic's Terms of Service don't authorize third-party use of these internal billing headers or subscription entitlements, and the OpenCode episode shows enforcement happens. Developers eyeing claude-code-sdk for production pipelines are effectively betting their account against the cost of standard API credits. Anthropic has not commented on this specific project.