X用户Rohan Paul爆料,Anthropic的编程AI智能体Claude Code在用户更改非默认ANTHROPIC_BASE_URL(使用代理/网关)时,会检测自定义主机名是否关联中国域名,若匹配则通过不可见标点符号和日期格式向提示词嵌入隐藏标记。引用@IntCyberDigest指出,Claude Code还会在系统提示内注入时区、代理及可能的AI实验室连接信息,用户无法察觉。作为可读取仓库、编辑代码和执行命令的智能体,这种隐蔽行为严重破坏用户信任,并可能为AI智能体难以审计开先例。
wow 👀
Claude Code allegedly fingerprints China-linked custom routes through tiny prompt formatting changes.
The claim concerns non-default ANTHROPIC_BASE_URL routes, not ordinary direct Anthropic connections.
As to the mechanism, Claude Code normally sends your request to Anthropic's server, but some users change the address so it goes through another server first.
The accusation says Claude Code detects that changed route, checks whether it looks China-linked, then hides tiny signals inside the prompt text.