China's National Vulnerability Database has flagged security risks in Anthropic's Claude Code, prompting calls for removal and a stronger push toward domestic AI coding assistants.
- China's NVDB warns of security back door in Anthropic's Claude Code
- Domestic AI coding tools like ByteDance’s Trae and Alibaba’s Qoder gain momentum
- Chinese authorities emphasize tech sovereignty and security in AI development
What happened
China’s National Vulnerability Database (NVDB), overseen by the Ministry of Industry and Information Technology, issued a cybersecurity alert highlighting multiple versions of Anthropic's Claude Code contained an alleged security back door. The software was reported to potentially send user locations and identities to remote servers without user consent, raising significant privacy concerns.
Anthropic acknowledged embedding tracking code in Claude Code aimed at preventing unauthorized copying of its models but stated that its usage policies have barred access to its services from China. The NVDB urged local organizations to uninstall affected versions or update to secure releases, triggering a shift among Chinese developers away from foreign AI coding tools.
Why it matters
The alert against Claude Code represents a pivotal moment reinforcing China’s strategic imperative for technological self-reliance and data security in AI development. It highlights growing skepticism towards foreign AI platforms amid geopolitical tensions and regulatory scrutiny.
Chinese cybersecurity experts expect the warning to accelerate adoption of homegrown AI coding assistants. Increasingly, developers are turning to domestic tools backed by major tech firms such as ByteDance, Alibaba, Tencent, and AI startup Zhipu, which offer localized services, integration with popular Chinese foundation models, and adherence to national data security standards.
What to watch next
Monitoring the growth and market penetration of key Chinese AI coding platforms will be crucial, as tools like ByteDance’s Trae, Alibaba’s Qoder, Tencent’s CodeBuddy, and Zhipu AI’s CodeGeeX and ZCode seek to capture a greater share of domestic demand. The interoperability with local AI models and support for multiple programming languages position these platforms as strong contenders to replace foreign alternatives.
Additionally, regulatory developments and further cybersecurity assessments of foreign AI software may affect cross-border software access. The evolution of China’s AI industry policy around security, innovation, and self-sufficiency will likely shape the competitive landscape in AI-enabled software development for years to come.