China flags security risk in Anthropic's Claude Code
Beijing's cybersecurity warning accelerates shift to domestic AI coding tools from ByteDance and Alibaba.

China's government has issued a cybersecurity alert targeting Anthropic's Claude Code, claiming the AI coding assistant contains security vulnerabilities that could transmit user data to remote servers without authorization.
The National Vulnerability Database (NVDB), which operates under China's Ministry of Industry and Information Technology, warned this week that multiple versions of Claude Code contain what it characterized as a "back door." According to the agency, the software could send user locations and identities to external servers without consent. The NVDB recommended that Chinese organizations immediately uninstall affected versions or upgrade to patched releases.
The tracking code controversy
The warning follows Anthropic's disclosure last week that it had embedded tracking code in Claude Code specifically to prevent "distillation" — the unauthorized copying of AI models. This anti-piracy measure appears to be at the center of Beijing's security concerns.
Anthropic responded to the alert by noting that its usage policy has always prohibited users based in China from accessing its services. The company's statement, issued Wednesday, did not address whether the tracking functionality constitutes a security risk as characterized by Chinese authorities.
Why it matters
This incident represents more than a technical dispute over tracking code. It signals Beijing's willingness to use cybersecurity frameworks to accelerate China's pivot away from Western AI infrastructure. As Chinese developers face pressure to abandon foreign tools, domestic alternatives from ByteDance (Trae) and Alibaba (Qoder) stand to capture significant market share in the world's second-largest economy. The move also illustrates how AI development is becoming increasingly fragmented along geopolitical lines, with implications for global technology standards and interoperability.
Domestic alternatives positioned to gain
Chinese technology companies have been rapidly developing local AI coding tools. ByteDance offers Trae, while Alibaba has released Qoder as alternatives to Western products. These domestic options are now positioned to benefit from the government's security warning.
Cai Peng, a cybersecurity partner at Beijing-based Zhong Lun Law Firm, told the South China Morning Post that he expects more Chinese companies to move away from foreign AI tools. He attributed this shift to both security concerns and China's broader "strategic imperative" for technological self-reliance.
The NVDB alert fits within China's larger push for tech independence, particularly in strategic sectors like artificial intelligence. As regulatory pressure mounts on foreign software, Chinese developers may have little choice but to adopt domestically produced alternatives, regardless of feature parity or performance considerations.
These details were first reported by the South China Morning Post.
This is an original analysis by the Omega editorial team. Source reporting: AI Watch.
Want systems like this working for your business?
Book a Call

