Alibaba has banned its employees from using Anthropic's Claude Code after internal reports surfaced alleging the AI coding tool contains a hidden mechanism designed to detect and flag users based in China. The ban, confirmed through internal communications reviewed by multiple outlets, marks a significant escalation in tensions between the two companies and raises broader questions about trust in AI developer tooling across borders.
What the Alleged Backdoor Does
According to the reports, the suspected code within Claude Code performs environment checks that appear to identify whether the tool is being run from a Chinese IP address or within a Chinese network context. Critics have framed this as a form of surveillance or data collection targeting Chinese users specifically. Alibaba's concerns about Anthropic spyware had been simmering before this latest incident, but the discovery of what employees described as a deliberate detection layer appears to have pushed leadership to act swiftly.
Key Facts
- Alibaba has issued a company-wide ban on Claude Code for its employees.
- The alleged backdoor is described as a China-detection mechanism embedded in the tool.
- Staff have been instructed to migrate to Qoder, Alibaba's own coding assistant.
- Anthropic has not issued a formal public response to the specific backdoor claims.
- The incident deepens a growing rift between Alibaba and Anthropic in the AI tools space.
The timing is notable. Alibaba had previously been exploring integrations between its own AI models and third-party tooling. Earlier reporting noted that Alibaba's Qwen3.7-Max model had demonstrated the ability to run Claude Code autonomously for up to 35 hours, suggesting a period of cooperation or at least mutual compatibility. That alignment now appears to be fractured.
Employees were told the tool poses an unacceptable security risk and that continued use would violate internal compliance guidelines.Internal Alibaba memo, as reported by Tom's Hardware
Anthropic's Position and the Wider Fallout
Anthropic, the San Francisco-based AI safety company, has not publicly confirmed or denied the existence of the alleged detection code. The company has built its public identity around safety-conscious AI development, making the backdoor allegations particularly damaging to its reputation in international markets. Whether the behavior in question was intentional, incidental, or the result of a misinterpretation of standard telemetry code remains contested.
For Alibaba, the move to Qoder is a practical pivot as much as a political one. Qoder is Alibaba's internally developed coding assistant, and pushing employees toward it consolidates the company's AI tool ecosystem under domestic infrastructure. The ban effectively removes a key Western AI product from one of China's largest tech employers, a signal that resonates beyond just one company's internal policy.
This is not the first friction point between Western AI developers and Chinese technology firms. The incident adds to a pattern of scrutiny that tools built by Anthropic's model family face when deployed in regions with different regulatory and security expectations. How Anthropic responds, if at all, will likely shape whether Claude Code retains any foothold in Chinese enterprise environments going forward.
The broader AI developer tools market is watching closely. Claude Code had been gaining traction among engineering teams globally, and this ban by a company of Alibaba's scale is a reputational blow regardless of whether the backdoor allegations are ultimately proven. Security concerns, once voiced loudly enough, tend to stick.