MLog

A bilingual blog crafted for our own voice

Back to posts
技术教程#AI编程#Claude Code#代码品味#开发者工具

Fire and Ice in AI Coding: The Claude Code Backdoor and the Rise of 'Code Taste

Published: Jul 12, 2026Reading time: 6 min

In July 2026, two seemingly unrelated events reshaped the AI coding landscape: China's cybersecurity authority flagged Claude Code for embedded surveillance, triggering enterprise-wide bans, while taste-skill hit 60k GitHub stars as developers demanded better code aesthetics from their AI tools. Here's what these events tell us about where AI programming is headed.

Fire and Ice in AI Coding: The Claude Code Backdoor and the Rise of "Code Taste"

During the second week of July 2026, two events happened in the AI coding space that, on the surface, had little to do with each other. Look closer, and they point to the same tectonic shift.

On one side, China's Ministry of Industry and Information Technology (MIIT) issued an official warning about Claude Code containing surveillance backdoors, prompting Alibaba to ban the tool company-wide. On the other, a GitHub project called taste-skill quietly crossed 60,000 stars. It doesn't generate a single line of code. Its sole purpose: to give AI "good taste."

Together, these two stories signal that AI coding is moving past the "capability race" and into a dual test of trust and quality.

The Claude Code Incident: When Your Tool Becomes a Trojan Horse

On July 8, China's National Vulnerability Database (NVDB), operated under MIIT, issued an official risk alert: Anthropic's AI coding tool Claude Code contained a high-severity security backdoor.

According to the NVDB, versions 2.1.91 through 2.1.196 of Claude Code embedded a covert surveillance mechanism that transmitted sensitive data — user location, device identifiers, account identity, source code, and project documents — to remote servers without user consent. There were no pop-up warnings and no operation logs for users to trace.

This wasn't an accidental bug. The Washington Post reported on July 6: "In March, AI company Anthropic quietly deployed software to spy on customers of its popular coding chatbot Claude Code in China." Anthropic responded that the mechanism was an "experimental feature" designed to combat account reselling and model distillation attacks, and claimed it had been removed in the July 2 update.

But a patch wasn't enough to restore trust. Alibaba moved first: an internal notice on July 3 banned Claude Code across the company, effective July 10, while recommending its in-house agent-based coding platform Qoder as the replacement. Other major Chinese tech companies followed suit.

The significance goes far beyond patching a single vulnerability. It redefines AI coding tools from "productivity utilities" to "security assets." In enterprise and government development environments, a tool that can read repositories, edit files, and execute shell commands becomes a non-starter the moment it poses a data exfiltration risk. It's no longer a question of "do we want to use it" but "can we afford to use it."

Market data backs this up. China's AI code generation market reached 6.5 billion yuan in 2023 and is projected to hit 33 billion yuan by 2028 — a 38.4% CAGR. With Claude Code facing regulatory headwinds, domestic alternatives like Alibaba Qoder, Zhipu ZCode, ByteDance TraeIDE, and Tencent Lingma are seizing the window. Security has shifted from a cost center to a valuation premium.

taste-skill's Breakout: Developers Want AI With Taste

While the Claude Code drama unfolded, taste-skill quietly crossed 60,000 stars on GitHub.

Let me say this clearly: taste-skill is not a new model. It's not a new framework. It doesn't generate any code at all. It's a skill pack — a set of SKILL.md rule files that define "how AI should write code." Its core mission can be summed up in one sentence: stop AI from producing boring, generic output, and make it think and plan like a senior engineer before writing a single line.

What does 60,000 stars mean? It means at least sixty thousand developers have explicitly told their AI coding tools: "Your output is mediocre. I need to install taste on you."

This might be the most telling signal in AI coding in 2026. For the past two years, the industry has been obsessed with speed — generation throughput, token efficiency, test pass rates. taste-skill's meteoric rise shows the pendulum swinging toward quality.

The project's creator, Leonxlnx, designed three tunable parameters that control AI output style: DESIGN_VARIANCE (clean and centered at 1, asymmetric and modern at 10), MOTION_INTENSITY (simple hover effects at 1, magnetic scroll-triggered animations at 10), and VISUAL_DENSITY (luxurious negative space at 1, dense dashboards at 10). Think of it as a "taste equalizer" for your AI coder.

taste-skill's popularity reveals an underappreciated shift: competition in AI coding is moving from "make AI write faster" to "make AI write more like a human." And the hardest part of "writing like a human" isn't code generation capability. It's judgment — knowing when to use which approach, which style, which architectural decision.

Between Fire and Ice: Three Undercurrents

When you set the Claude Code incident and the taste-skill phenomenon side by side, three undercurrents in the 2026 AI coding landscape come into focus.

First: Security has become a hard gate, not a soft feature. The Claude Code incident is not an isolated case. When AI coding tools have read access to repositories, write access to files, and execution access to terminals, security stops being optional. The speed and force of the Chinese market's response shows that "secure and controllable" is becoming an entry requirement, not a value-add.

Second: Quality anxiety is replacing speed anxiety. taste-skill's 60k stars is a milestone. Once AI can generate "code that runs," developers start asking if it can generate "code that's good." This isn't something you solve by scaling model parameters. It involves architectural judgment, coding style, domain expertise, and even aesthetics.

Third: A window for sovereign alternatives has opened. MIIT's risk alert wasn't just a security warning — it was an industrial signal. When foreign tools face regulatory restrictions, domestic alternatives (Alibaba Qoder, Zhipu ZCode, ByteDance TraeIDE, Tencent Lingma) get a genuine market opportunity. Not to replace "better products," but to replace "unusable products."

Kai-Fu Lee said something telling in July: "AI coding has surpassed human capability in just over two years, but the programmer's role isn't disappearing — it's ascending." Anthropic's 2026 trends report echoed this: "Programmers won't disappear, but programmers who 'only write code' will."

Back to this story of fire and ice. On the fire side, security concerns are pulling certain AI coding tools off their pedestals. On the ice side, quality demands are pushing others onto the stage. Developers caught in between are progressing through a three-stage interrogation: "Can AI write code?" → "Can we trust AI?" → "Can AI write good code?"

The answer can't come from any single tool or model. It requires secure, sovereign infrastructure. It requires quality standards encoded into Skill files. It requires reimagining the human-AI collaboration paradigm.

That's the real story of AI coding in 2026.