Claude Code and China: The mechanism is activated when the user sets the ANTHROPIC_BASE_URL environment variable (used for local models)
A researcher found Claude code has a hidden mechanism linking to Chinese companies and AI labs. The list of suspicious hostnames is encoded and encrypted.

- ›Claude code has a hidden mechanism linking to Chinese companies and AI labs
- ›The list of suspicious hostnames is encoded and encrypted
- ›The mechanism activates when the ANTHROPIC_BASE_URL environment variable is set
A recent investigation into the Claude code has uncovered a mechanism that activates when a specific environment variable is set. This mechanism is linked to a list of hostnames that are not stored in plaintext but are instead encoded and encrypted.
The encoded list, once decoded, reveals a connection to Chinese companies, artificial intelligence laboratories, and various gateways or resellers. This discovery has raised questions about the nature of these connections and the potential implications for users of the Claude API.
The researcher who published the findings used a combination of decoding and encryption techniques to uncover the hidden list. The use of a simple XOR operation with a key of 91 to encrypt the list has been noted, along with the Base64 encoding used to further obscure the data.
The implications of this discovery are still being explored, but it highlights the importance of transparency and scrutiny in the development and use of AI technologies.
Source: Claude Code and China: The mechanism is activated when the user sets the ANTHROPIC_BASE_URL environment variable (used for local models). Read the full piece at the source.
raises questions about data privacy and security
highlights the need for transparency in AI technologies
Summary and analysis generated by AI (groq). Always verify against the original sources.
