Alibaba has told staff to stop using Anthropic's Claude Code, effective July 10, after classifying it as “high-risk software with security vulnerabilities.” The company's internal notice, seen by the South China Morning Post, cited “back-door risks” discovered in the tool.
The dispute traces back to code Anthropic used in Claude Code to identify whether a user appeared to be based in China or affiliated with a Chinese AI lab, according to the SCMP report. The mechanism supported Anthropic's broader policy of blocking Chinese entities from its models. Anthropic's Thariq Shihipar confirmed the mechanism on X, describing it as “an experiment we launched in March that was meant to prevent account abuse from unauthorized resellers and protect against distillation,” and said it is being rolled back in Anthropic's next release.
Alibaba is directing employees toward its own coding tool, Qoder, instead (TechCrunch). The move follows a separate, unresolved dispute in which Anthropic accused operators affiliated with Alibaba and its Qwen lab of using nearly 25,000 fraudulent accounts for 28.8 million Claude exchanges between April 22 and June 5 (Reuters). Alibaba has denied the model-distillation allegation.
The restrictions now run in both directions: Anthropic already blocks Chinese entities from using its models, and the tracking mechanism was built to enforce that policy, not as a response to Alibaba's ban. What's still open is whether the rollback Shihipar described lands before July 10, whether other Chinese firms follow Alibaba in restricting Claude Code, and whether the separate Qwen distillation dispute resurfaces once it is no longer tangled up with the tracking-code controversy.