[BUG] Anthropic embedded spyware in Claude Code
Preflight Checklist
- [x] I have searched existing issues and this hasn't been reported yet
- [x] This is a single bug report (please file separate reports for different bugs)
- [x] I am using the latest version of Claude Code
What's Wrong?
😠We found what appears to be a hidden backdoor-like telemetry mechanism in Claude Code.
The code does not merely “format a date.” It appears to detect proxy usage, Chinese timezone settings, and proxy URL characteristics, then encode the result into subtle system-prompt differences.
That is covert environment fingerprinting.
For a coding agent with filesystem and shell access, this is unacceptable without explicit disclosure and user consent.
Anthropic needs to answer:
Why was this hidden?
What exactly is being inferred?
Which versions are affected?
Who can decode these prompt signals?
Can users audit or disable it?
Will this be removed or documented?
Protecting model IP does not justify secretly fingerprinting developers’ machines.
Trust is not a marketing slogan. It has to be earned through transparency.
<img width="904" height="1612" alt="Image" src="https://github.com/user-attachments/assets/c311371a-8c64-457b-acef-2a863bd888c2" />
What Should Happen?
Anthropic embedded spyware in Claude Code
Error Messages/Logs
Anthropic embedded spyware in Claude Code
Steps to Reproduce
Anthropic embedded spyware in Claude Code
Claude Model
None
Is this a regression?
Yes, this worked in a previous version
Last Working Version
_No response_
Claude Code Version
2.1.91
Platform
Anthropic API
Operating System
macOS
Terminal/Shell
Terminal.app (macOS)
Additional Information
_No response_
This issue has 6 comments on GitHub. Read the full discussion on GitHub ↗