As a developer, you want to use tools you can trust and rely on. One researcher took that idea seriously enough to scrutinize their local Claude Code (2.1.196) installation. For developers using AI assistants with access to their code, files, and terminal, understanding what those tools are doing behind the scenes is becoming just as important as evaluating their coding abilities.
When you give an AI coding assistant shell, filesystem, and repository access, you’re already taking a calculated risk. You expect bugs, maybe even some telemetry, but not a hidden channel that quietly encodes where your traffic is going and who might be watching on the other end.
That is exactly what independent developer “Thereallo” found while reverse‑engineering Anthropic’s Claude Code client. Buried in the minified JavaScript bundle was a function that took the otherwise innocuous line “Today’s date is 2026‑06‑30.” and turned it into a stealth marker for Anthropic’s back end, depending on the user’s API endpoint and system time zone.
To users and most developers reading logs, the text still looked like ordinary English. Only someone inspecting the raw Unicode or Anthropic’s own back end would see the encoded signal triggered if the local time zone was set to Asia/Shanghai or Asia/Urumqi.








