# Beijing flagged Claude Code as a back door, and Chinese coding tools are lining up to take its place

> Source: <https://thenextweb.com/news/china-ai-coding-tools-claude-code-backdoor>
> Published: 2026-07-12 13:48:15+00:00

#### TL;DR

China’s National Vulnerability Database has flagged multiple versions of Anthropic’s Claude Code as containing a security “back door” that could send user locations and identifiers to remote servers without consent. Anthropic says the code was an experiment to stop illicit model distillation, and that its policy already barred China-based users. Analysts expect the row to accelerate Chinese developers’ shift to domestic coding tools such as ByteDance’s Trae, Alibaba’s Qoder, Tencent’s CodeBuddy, and Zhipu’s CodeGeeX and ZCode.

Beijing’s cybersecurity warning against Anthropic is expected to speed up a shift already under way. Chinese developers are moving to domestic coding tools, analysts told the [South China Morning Post](https://www.scmp.com/tech/tech-trends/article/3360148/beyond-claude-code-chinese-ai-tools-poised-benefit-after-back-door-alert).

China’s National Vulnerability Database, overseen by the Ministry of Industry and Information Technology, issued an alert this week. It claimed multiple versions of Claude Code contained a security “back door”.

According to the agency, the software could send user locations and identity markers to remote servers without consent. It urged local organisations to uninstall the affected versions or upgrade to patched releases.

### What Anthropic says happened

The two sides do not dispute that code was there. They dispute what it was for.

Anthropic has acknowledged embedding a tracking mechanism in Claude Code, describing it as an experiment to prevent illicit “distillation”, the unauthorised copying of its models. The company said its usage policy has always barred users based in China from accessing its services.

The dispute has a longer runway. Anthropic last month accused Alibaba of trying to extract its AI capabilities, and Alibaba has since [banned staff from using Claude Code](https://thenextweb.com/news/alibaba-bans-claude-code-alleged-backdoor-risk), listing it as high-risk software.

Cai Peng, a Beijing-based cybersecurity partner at Zhong Lun Law Firm, expects more Chinese firms to drop foreign AI tools. He pointed to mounting security concerns and the country’s “strategic imperative” for tech self-reliance.

### Trae and Qoder, the platform plays

ByteDance’s Trae is an AI-native development environment built around natural-language prompts and autonomous agents. Like Claude Code, it generates code, debugs software, explains codebases, and can build applications from scratch.

Its scale is already meaningful. ByteDance says Trae had more than 6 million registered users and 1.6 million monthly active users by the end of 2025.

Localisation is the pitch. The China-facing version supports home-grown foundation models including Doubao and DeepSeek, and lets users plug in their own model APIs.

Alibaba’s Qoder, which grew out of its Tongyi Lingma assistant, is positioned as a full development workspace rather than an assistant. It handles code generation, project analysis, and autonomous task execution, and lets users bring their own models via custom API keys.

### Tencent and Zhipu round out the field

Tencent Cloud’s CodeBuddy runs on the company’s Hunyuan model alongside DeepSeek’s. It supports more than 200 programming languages and covers completion, debugging, refactoring, multi-file generation, and testing.

Zhipu AI brings two. CodeGeeX is one of China’s earliest coding assistants, and it was trained using Huawei’s MindSpore framework on Ascend processors, a pointed nod to hardware self-reliance.

ZCode is the more ambitious one, an agentic workspace built as the official environment for Zhipu’s [GLM-5.2 model](https://thenextweb.com/news/zhipu-stock-surge-china-ai-anthropic-curbs-glm-5-2). It claims a context window of up to 1 million tokens and can orchestrate whole workflows, from requirements to documentation.

Notably, ZCode still offers a multi-model interface that can switch to OpenAI and Google models mid-project. Decoupling, for now, is not total.

### The bigger split

The back-door row is a symptom, not the disease. The underlying story is a software stack splitting in two along national lines.

The Chinese alternatives are no longer obviously worse, with [cheap domestic models closing the gap](https://thenextweb.com/news/a-cheap-chinese-ai-model-is-closing-in-on-anthropic-and-openai) on US frontier labs. That erodes the main reason a Chinese developer would tolerate the friction of using American tools.

The pressure runs both ways, too. Beijing has been [weighing curbs on overseas access to its best models](https://thenextweb.com/news/china-curbing-overseas-access-top-ai-models), while Washington restricts what US labs can sell.

Claude Code was never a comfortable fit for cost-conscious buyers anyway, as [Microsoft’s own quiet retreat from it](https://thenextweb.com/news/microsoft-claude-code-retreat-ai-cost) showed. Price, not just politics, is pushing developers towards cheaper agents.

What is left is two ecosystems that increasingly do not touch. For Anthropic, a market it never officially served is now closing anyway, and the domestic tools are ready.
