{"title":"Deep Deconstruction of Claude Code (II): Code Skeleton and Core Logic Mechanism","url":"/en/posts/claude-code-source-study-2/","date":"2026-04-01","type":"posts","content":"\u003ch1 id=\"a-deep-dive-into-claude-code-part-2-code-scaffolding-and-core-logic-mechanisms\"\u003e\n  A Deep Dive into Claude Code (Part 2): Code Scaffolding and Core Logic Mechanisms\n  \u003ca class=\"heading-link\" href=\"#a-deep-dive-into-claude-code-part-2-code-scaffolding-and-core-logic-mechanisms\"\u003e\n    \u003ci class=\"fa-solid fa-link\" aria-hidden=\"true\" title=\"Link to heading\"\u003e\u003c/i\u003e\n    \u003cspan class=\"sr-only\"\u003eLink to heading\u003c/span\u003e\n  \u003c/a\u003e\n\u003c/h1\u003e\n\u003cblockquote\u003e\n\u003cp\u003e\u003cstrong\u003eIntroduction\u003c/strong\u003e: In \u0026ldquo;\u003ca href=\"../claude-code-source-study-1/\" \u003eA Deep Dive into Claude Code (Part 1): Product Form and Technical Architecture Evolution\u003c/a\u003e\u0026rdquo;, we examined the React rendering engine, KAIROS persistence backend, and the core context explosion-proofing mechanism of Claude Code, the \u0026ldquo;terminal impersonator\u0026rdquo;.\u003c/p\u003e\n\u003cp\u003eNext, we will delve into its approximately 330 underlying TypeScript modules to explore the \u003cstrong\u003eCore Logic and Control Mechanisms\u003c/strong\u003e that enable the large model to operate with both freedom and discipline within the terminal. This article will reveal how it achieves a \u0026ldquo;production-grade\u0026rdquo; terminal agent through an extremely defensive Tool system.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003chr\u003e\n\u003ch2 id=\"1-code-architecture-a-domain-driven-sandbox-world\"\u003e\n  1. Code Architecture: A Domain-Driven Sandbox World\n  \u003ca class=\"heading-link\" href=\"#1-code-architecture-a-domain-driven-sandbox-world\"\u003e\n    \u003ci class=\"fa-solid fa-link\" aria-hidden=\"true\" title=\"Link to heading\"\u003e\u003c/i\u003e\n    \u003cspan class=\"sr-only\"\u003eLink to heading\u003c/span\u003e\n  \u003c/a\u003e\n\u003c/h2\u003e\n\u003cp\u003eClaude Code features over 60 built-in tools and nearly 100 slash commands. It is less of a prompt wrapper and more of a \u003cstrong\u003eVirtual Machine (VM) sandbox\u003c/strong\u003e designed for large language models.\u003c/p\u003e\n\u003cp\u003eWithin its \u003ccode\u003esrc/tools/\u003c/code\u003e directory, every \u003ccode\u003eTool\u003c/code\u003e strictly adheres to a highly consistent generic interface:\u003c/p\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" class=\"chroma\"\u003e\u003ccode class=\"language-typescript\" data-lang=\"typescript\"\u003e\u003cspan class=\"line\"\u003e\u003cspan class=\"cl\"\u003e\u003cspan class=\"kr\"\u003einterface\u003c/span\u003e \u003cspan class=\"nx\"\u003eTool\u003c/span\u003e\u003cspan class=\"p\"\u003e\u0026lt;\u003c/span\u003e\u003cspan class=\"nt\"\u003eInput\u003c/span\u003e\u003cspan class=\"p\"\u003e,\u003c/span\u003e \u003cspan class=\"na\"\u003eOutput\u003c/span\u003e\u003cspan class=\"p\"\u003e,\u003c/span\u003e \u003cspan class=\"na\"\u003eProgress\u003c/span\u003e\u003cspan class=\"p\"\u003e\u0026gt;\u003c/span\u003e \u003cspan class=\"p\"\u003e{\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan class=\"line\"\u003e\u003cspan class=\"cl\"\u003e  \u003cspan class=\"nx\"\u003ename\u003c/span\u003e: \u003cspan class=\"kt\"\u003estring\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan class=\"line\"\u003e\u003cspan class=\"cl\"\u003e  \u003cspan class=\"nx\"\u003eprompt\u003c/span\u003e\u003cspan class=\"p\"\u003e()\u003c/span\u003e\u003cspan class=\"o\"\u003e:\u003c/span\u003e \u003cspan class=\"kt\"\u003estring\u003c/span\u003e \u003cspan class=\"c1\"\u003e// 动态挂载的安全规则\n\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003cspan class=\"line\"\u003e\u003cspan class=\"cl\"\u003e\u003cspan class=\"c1\"\u003e\u003c/span\u003e  \u003cspan class=\"nx\"\u003einputSchema\u003c/span\u003e: \u003cspan class=\"kt\"\u003eZodSchema\u003c/span\u003e\u003cspan class=\"p\"\u003e\u0026lt;\u003c/span\u003e\u003cspan class=\"nt\"\u003eInput\u003c/span\u003e\u003cspan class=\"p\"\u003e\u0026gt;\u003c/span\u003e \u003cspan class=\"c1\"\u003e// 用于强类型验证\n\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003cspan class=\"line\"\u003e\u003cspan class=\"cl\"\u003e\u003cspan class=\"c1\"\u003e\u003c/span\u003e  \n\u003c/span\u003e\u003c/span\u003e\u003cspan class=\"line\"\u003e\u003cspan class=\"cl\"\u003e  \u003cspan class=\"nx\"\u003ecall\u003c/span\u003e\u003cspan class=\"p\"\u003e(\u003c/span\u003e\u003cspan class=\"nx\"\u003einput\u003c/span\u003e\u003cspan class=\"p\"\u003e,\u003c/span\u003e \u003cspan class=\"nx\"\u003econtext\u003c/span\u003e\u003cspan class=\"p\"\u003e)\u003c/span\u003e\u003cspan class=\"o\"\u003e:\u003c/span\u003e \u003cspan class=\"nx\"\u003ePromise\u003c/span\u003e\u003cspan class=\"p\"\u003e\u0026lt;\u003c/span\u003e\u003cspan class=\"nt\"\u003eToolResult\u003c/span\u003e\u003cspan class=\"p\"\u003e\u0026gt;\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan class=\"line\"\u003e\u003cspan class=\"cl\"\u003e  \u003cspan class=\"nx\"\u003echeckPermissions\u003c/span\u003e\u003cspan class=\"p\"\u003e(\u003c/span\u003e\u003cspan class=\"nx\"\u003einput\u003c/span\u003e\u003cspan class=\"p\"\u003e)\u003c/span\u003e\u003cspan class=\"o\"\u003e:\u003c/span\u003e \u003cspan class=\"nx\"\u003ePermissionResult\u003c/span\u003e \u003cspan class=\"c1\"\u003e// 执行前权限预检\n\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003cspan class=\"line\"\u003e\u003cspan class=\"cl\"\u003e\u003cspan class=\"c1\"\u003e\u003c/span\u003e  \u003cspan class=\"nx\"\u003eisConcurrencySafe\u003c/span\u003e\u003cspan class=\"p\"\u003e(\u003c/span\u003e\u003cspan class=\"nx\"\u003einput\u003c/span\u003e\u003cspan class=\"p\"\u003e)\u003c/span\u003e\u003cspan class=\"o\"\u003e:\u003c/span\u003e \u003cspan class=\"kr\"\u003eboolean\u003c/span\u003e \u003cspan class=\"c1\"\u003e// 并发锁，判定它能否并行执行\n\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003cspan class=\"line\"\u003e\u003cspan class=\"cl\"\u003e\u003cspan class=\"c1\"\u003e\u003c/span\u003e  \u003cspan class=\"c1\"\u003e// ...以及用于终端 React 渲染的 4 个 render 方法\n\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003cspan class=\"line\"\u003e\u003cspan class=\"cl\"\u003e\u003cspan class=\"c1\"\u003e\u003c/span\u003e\u003cspan class=\"p\"\u003e}\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003ch3 id=\"11-isconcurrencysafe-the-large-models-concurrent-execution-engine\"\u003e\n  1.1 \u003ccode\u003eisConcurrencySafe\u003c/code\u003e: The Large Model\u0026rsquo;s Concurrent Execution Engine\n  \u003ca class=\"heading-link\" href=\"#11-isconcurrencysafe-the-large-models-concurrent-execution-engine\"\u003e\n    \u003ci class=\"fa-solid fa-link\" aria-hidden=\"true\" title=\"Link to heading\"\u003e\u003c/i\u003e\n    \u003cspan class=\"sr-only\"\u003eLink to heading\u003c/span\u003e\n  \u003c/a\u003e\n\u003c/h3\u003e\n\u003cp\u003eLarge models are not single-core machines that execute code linearly.\nIf a large model issues commands to read \u003ccode\u003eA.ts\u003c/code\u003e, \u003ccode\u003eB.ts\u003c/code\u003e, and overwrite \u003ccode\u003eC.ts\u003c/code\u003e in a single turn, Claude Code\u0026rsquo;s underlying executor automatically groups and sorts them:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIt places all \u003ccode\u003eisConcurrencySafe=true\u003c/code\u003e read-only operations (like \u003ccode\u003eFileReadTool\u003c/code\u003e, \u003ccode\u003eGlobTool\u003c/code\u003e, \u003ccode\u003eGrepTool\u003c/code\u003e) into the same micro-batch and executes them instantly with a maximum concurrency of 10 (\u003ccode\u003erunConcurrently\u003c/code\u003e).\u003c/li\u003e\n\u003cli\u003eWhen it\u0026rsquo;s time for write operations with destructive side-effects (like \u003ccode\u003eBashTool\u003c/code\u003e or \u003ccode\u003eFileWriteTool\u003c/code\u003e), it switches back to \u003ccode\u003erunSerially\u003c/code\u003e for strict, queued execution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThis design significantly eliminates long-tail latency in terminal responses.\u003c/p\u003e\n\u003ch3 id=\"12-fileedittool-instead-of-overwriting-surgical-precision-file-replacement\"\u003e\n  1.2 \u003ccode\u003eFileEditTool\u003c/code\u003e Instead of Overwriting: Surgical-Precision File Replacement\n  \u003ca class=\"heading-link\" href=\"#12-fileedittool-instead-of-overwriting-surgical-precision-file-replacement\"\u003e\n    \u003ci class=\"fa-solid fa-link\" aria-hidden=\"true\" title=\"Link to heading\"\u003e\u003c/i\u003e\n    \u003cspan class=\"sr-only\"\u003eLink to heading\u003c/span\u003e\n  \u003c/a\u003e\n\u003c/h3\u003e\n\u003cp\u003eFor code files that are tens of kilobytes, traditional agents tend to overwrite the entire file, which often leads to the accidental deletion of existing code structures.\nClaude Code has a built-in precision \u003cstrong\u003esurgical replacement\u003c/strong\u003e mechanism (\u003ccode\u003eFileEditTool\u003c/code\u003e). The large model only needs to provide \u003ccode\u003eold string\u003c/code\u003e and \u003ccode\u003enew string\u003c/code\u003e, and the system can accurately find the specific section and perform a precise replacement.\nTo prevent regex matching errors or out-of-memory (OOM) issues, it even sets a 1 GiB memory limit for single-file modifications and integrates a Git-driven file diff feature by default (\u003ccode\u003egitDiff()\u003c/code\u003e) to provide atomic rollback capabilities for human users.\u003c/p\u003e\n\u003chr\u003e\n\u003ch2 id=\"2-core-design-logic-mechanisms\"\u003e\n  2. Core Design Logic Mechanisms\n  \u003ca class=\"heading-link\" href=\"#2-core-design-logic-mechanisms\"\u003e\n    \u003ci class=\"fa-solid fa-link\" aria-hidden=\"true\" title=\"Link to heading\"\u003e\u003c/i\u003e\n    \u003cspan class=\"sr-only\"\u003eLink to heading\u003c/span\u003e\n  \u003c/a\u003e\n\u003c/h2\u003e\n\u003cp\u003eBeyond basic code reading and writing capabilities, Claude Code has built several robust defensive walls at the design level to survive in a developer\u0026rsquo;s environment.\u003c/p\u003e\n\u003ch3 id=\"21-the-permission-system-a-five-layer-security-control-network\"\u003e\n  2.1 The Permission System: A Five-Layer Security Control Network\n  \u003ca class=\"heading-link\" href=\"#21-the-permission-system-a-five-layer-security-control-network\"\u003e\n    \u003ci class=\"fa-solid fa-link\" aria-hidden=\"true\" title=\"Link to heading\"\u003e\u003c/i\u003e\n    \u003cspan class=\"sr-only\"\u003eLink to heading\u003c/span\u003e\n  \u003c/a\u003e\n\u003c/h3\u003e\n\u003cp\u003eWhat if the large model tries to run \u003ccode\u003erm -rf\u003c/code\u003e? Claude Code\u0026rsquo;s security mechanism is not based on simple keyword regex.\nIt employs a high-priority, extremely fine-grained permission pipeline (\u003ccode\u003echeckPermissions()\u003c/code\u003e):\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003e\u003cstrong\u003eDefault Mode (\u003ccode\u003eask\u003c/code\u003e)\u003c/strong\u003e: Any destructive command immediately triggers a \u003ccode\u003eAskUserQuestionTool\u003c/code\u003e hard interruption (Human in the loop), prompting the user in the terminal to choose whether to allow, block, or allow for the entire session.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003eacceptEdits\u003c/code\u003e Mode\u003c/strong\u003e: Code modifications are automatically permitted, while only Bash operations are intercepted.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDangerous Pattern Detection\u003c/strong\u003e: If a user accidentally provides an extremely dangerous global whitelist entry, such as \u003ccode\u003epython:*\u003c/code\u003e, the system automatically identifies this high-risk regex for \u0026ldquo;arbitrary code execution\u0026rdquo; and forcibly blocks it to prevent privilege escalation vulnerabilities.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch3 id=\"22-bashtool-an-executor-with-a-safety-shield\"\u003e\n  2.2 \u003ccode\u003eBashTool\u003c/code\u003e: An Executor with a Safety Shield\n  \u003ca class=\"heading-link\" href=\"#22-bashtool-an-executor-with-a-safety-shield\"\u003e\n    \u003ci class=\"fa-solid fa-link\" aria-hidden=\"true\" title=\"Link to heading\"\u003e\u003c/i\u003e\n    \u003cspan class=\"sr-only\"\u003eLink to heading\u003c/span\u003e\n  \u003c/a\u003e\n\u003c/h3\u003e\n\u003cp\u003eAs the most dangerous and powerful tool, \u003ccode\u003eBashTool\u003c/code\u003e comes with extremely fine-grained configurations:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eHard Output Limit (30K chars limit)\u003c/strong\u003e: When the large model runs a build script that generates frantic errors, once its standard output (STDOUT) exceeds 30,000 characters, the excess content is directly written to a ghost folder at \u003ccode\u003e.claude/tool-results\u003c/code\u003e. The large model only receives a condensed summary and a file path reference, completely avoiding fatal token overload.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAutomatic Background Detachment\u003c/strong\u003e: When it runs an infinite loop or a persistent service for more than 15 seconds, the engine automatically detaches the process, returns control to the conversation flow, and silently monitors the output in the background.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3 id=\"23-multi-agent-swarm-worktree-isolation-and-derived-networks\"\u003e\n  2.3 Multi-Agent Swarm: Worktree Isolation and Derived Networks\n  \u003ca class=\"heading-link\" href=\"#23-multi-agent-swarm-worktree-isolation-and-derived-networks\"\u003e\n    \u003ci class=\"fa-solid fa-link\" aria-hidden=\"true\" title=\"Link to heading\"\u003e\u003c/i\u003e\n    \u003cspan class=\"sr-only\"\u003eLink to heading\u003c/span\u003e\n  \u003c/a\u003e\n\u003c/h3\u003e\n\u003cp\u003eFinally, this is the most stunning underlying logic of Claude Code: \u003cstrong\u003e\u003ccode\u003eAgentTool\u003c/code\u003e sub-agent derivation.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eWhat happens when a large model runs out of cognitive capacity while refactoring a project?\nThrough \u003ccode\u003eAgentTool\u003c/code\u003e, Claude Code can initiate a complete \u003cstrong\u003eforked development (Sub-Agent Spawning)\u003c/strong\u003e right before your eyes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eIsolation Modes\u003c/strong\u003e: It even automatically pulls a separate Git branch mirror (Worktree) of the current codebase and throws the derived sub-agent into this isolated environment for frantic trial and error!\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eNamespacing and Communication (Named Addressing)\u003c/strong\u003e: The main agent can name its clones (e.g., \u003ccode\u003etest-runner\u003c/code\u003e). After a clone successfully passes complex unit tests and writes the code on this isolated branch, the system then merges this correct code back into the main branch (\u003ccode\u003emerge\u003c/code\u003e).\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eCost and Complexity Reduction\u003c/strong\u003e: The main task is assigned to the most capable but also most expensive \u003ccode\u003eOpus\u003c/code\u003e, while the derived testing script agents, which handle the grunt work, can be forced to switch to a cheaper \u003ccode\u003eHaiku\u003c/code\u003e model, truly achieving elastic scheduling of intelligent agents.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2 id=\"summary-the-fundamental-form-of-next-generation-developer-tools\"\u003e\n  Summary: The Fundamental Form of Next-Generation Developer Tools\n  \u003ca class=\"heading-link\" href=\"#summary-the-fundamental-form-of-next-generation-developer-tools\"\u003e\n    \u003ci class=\"fa-solid fa-link\" aria-hidden=\"true\" title=\"Link to heading\"\u003e\u003c/i\u003e\n    \u003cspan class=\"sr-only\"\u003eLink to heading\u003c/span\u003e\n  \u003c/a\u003e\n\u003c/h2\u003e\n\u003cp\u003eIn this two-part reverse-engineering chronicle, we have unveiled the mystery of Claude Code.\nIf large models are nuclear reactors, then the 330 underlying libraries written by Anthropic are the \u003cstrong\u003eextremely thick anti-radiation concrete walls and control rods\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eA true production-grade agent tool cannot be solved by merely \u0026ldquo;a very long prompt.\u0026rdquo; Its barriers to entry lie in the double-buffered terminal React rendering engine hand-coded in TypeScript, in its extremely meticulous token budget calculations and micro-compression, and even more so in its almost sci-fi \u0026ldquo;sub-agent swarm running in isolation based on Git Worktree.\u0026rdquo;\u003c/p\u003e\n\u003cp\u003eUnderstanding these aspects is the \u0026ldquo;official answer\u0026rdquo; we should be copying when building future AI-native applications.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003e(End of series)\u003c/em\u003e\u003c/p\u003e\n","description":" A Deep Dive into Claude Code (Part 2): Code Scaffolding and Core Logic Mechanisms Link to heading Introduction: In \u0026ldquo;A Deep Dive into Claude Code (Part 1): Product Form and Technical Architecture Evolution\u0026rdquo;, we examined the React rendering engine, KAIROS persistence backend, and the core context explosion-proofing mechanism of Claude Code, the \u0026ldquo;terminal impersonator\u0026rdquo;.\nNext, we will delve into its approximately 330 underlying TypeScript modules to explore the Core Logic and Control Mechanisms that enable the large model to operate with both freedom and discipline within the terminal. This article will reveal how it achieves a \u0026ldquo;production-grade\u0026rdquo; terminal agent through an extremely defensive Tool system.\n"}