China alleges that Claude Code contains backdoors, calls mechanism 'a serious threat' — Gov't claims Claude sends sensitive information to remote servers without consent
TL;DR
China’s National Vulnerability Database warns against Claude Code versions released from April through June 2026, calling them a backdoor risk. The claim: a built-in monitoring mechanism could send location and identity data to remote servers without user consent. Users are told to uninstall Claude Code or update to the latest version, even though Anthropic’s tools are not officially approved in China.
Nauti's Take
The word backdoor is politically loaded here, but the practical issue is plain: a coding agent must not surprise users with data leaving the machine. Anti-abuse work is legitimate; hidden monitoring in a repo-facing tool is not.
Teams should not dismiss this as a China-versus-US drama, but treat it as a reminder to control agent versions, network behavior, and permissions properly.
Briefingshow
This hits the weak spot of coding agents: they operate close to code, files, shell access, and sometimes secrets. Even if Anthropic is right that the mechanism was anti-abuse tooling, hidden telemetry in a developer tool damages trust. China is also using the case as a geopolitical signal against US AI infrastructure.