DEV Community

brian austin
brian austin

Posted on

Cursor secretly used a Chinese AI model without telling you. Here's how to know exactly what model you're paying for.

#claudecode #ai #programming #webdev

Cursor secretly used a Chinese AI model without telling you

If you've been using Cursor this week, there's a decent chance your code completions were powered by Kimi K2.5 — a model built by Moonshot AI, a Chinese startup — without any disclosure or opt-in.

The community found out when someone dug into network traffic and noticed requests going somewhere unexpected. The Dev.to thread blew up.

Cursor's response: essentially "we experiment with models to improve quality."

That's... not great.

Why this matters

This isn't a debate about whether Kimi K2.5 is good or bad. It might be excellent. The problem is you didn't know.

When you pay for an AI coding tool, you're implicitly making assumptions:

  • What model is processing my code?
  • Where is that model hosted?
  • What are the data retention policies?
  • Is it subject to Chinese data laws?

Cursor answered none of these questions before switching. They just switched.

And honestly, this is how most AI-powered SaaS works. The model is an implementation detail, hidden behind a pretty UI. You pay the subscription; they swap the engine whenever it suits them.

The Claude Code source leak made the same point

Two weeks ago, the Claude Code source code leaked via an NPM package. Among the many things it revealed:

  • Fake tool responses used for internal testing
  • Frustration detection regexes watching for when you type things like "this is wrong" or "you messed up"
  • An "undercover mode" that obscures Claude's behavior

The common thread? The tools you use every day have hidden behavior you didn't consent to and didn't know about.

The alternative: use the API directly

Here's what I do instead.

I point my tools directly at Anthropic's API via ANTHROPIC_BASE_URL. I know exactly what I'm getting:

  • Model: claude-sonnet-4-5 (or whatever I specify)
  • Data: Anthropic's terms, not a reseller's
  • Price: what I actually agreed to pay

For Claude Code specifically:

export ANTHROPIC_BASE_URL=https://api.simplylouie.com
export ANTHROPIC_API_KEY=your_key_here
claude
Enter fullscreen mode Exit fullscreen mode

That's it. Claude Code now routes through a flat-rate proxy — $2/month instead of $20+, and you can see exactly what endpoint your requests are hitting.

For any OpenAI-compatible tool (Cursor included):

import anthropic

client = anthropic.Anthropic(
    base_url="https://api.simplylouie.com",
    api_key="your_key_here"
)

response = client.messages.create(
    model="claude-sonnet-4-5",
    max_tokens=1024,
    messages=[{"role": "user", "content": "Review this code for security issues"}]
)
print(response.content[0].text)
Enter fullscreen mode Exit fullscreen mode

The model field is explicit. No surprises.

What to demand from any AI tool you pay for

  1. Model disclosure: Which model, which version, hosted where?
  2. Change notification: Email me before you switch models on a paid plan
  3. Data residency: Where is my code processed? What's retained?
  4. Opt-out: Can I pin to a specific model if I need reproducibility?

Cursor failed all four of these. So does most AI SaaS.

The uncomfortable truth about AI subscriptions

When you pay $20/month for Cursor Pro or GitHub Copilot or any AI-powered IDE:

  • You're paying for the interface, not the model
  • The model is interchangeable and can be changed without notice
  • Your code is the training signal whether or not the ToS says "we don't train on your data"
  • You have no recourse when behavior changes

Direct API access doesn't solve all of these problems. But it solves the "what model am I using" problem definitively.

# You will never wonder what model ran this:
curl https://api.simplylouie.com/v1/messages \
  -H "x-api-key: $LOUIE_KEY" \
  -H "anthropic-version: 2023-06-01" \
  -H "Content-Type: application/json" \
  -d '{
    "model": "claude-sonnet-4-5",
    "max_tokens": 1024,
    "messages": [{"role": "user", "content": "What model are you?"}]
  }'
Enter fullscreen mode Exit fullscreen mode

Response: I'm Claude, made by Anthropic. Every time. No surprises.

Try it free for 7 days

If you want to experiment with direct Claude API access at a fraction of the cost:

simplylouie.com — $2/month flat rate, 7-day free trial, no usage limits within the tier.

You'll know exactly what model you're using, because you specify it in every request.

Cursor's undisclosed model swap is a symptom of a broader problem: AI tools treat the model as their secret sauce, not your information. Direct API access is the only way to opt out of that dynamic.

claudecode #ai #programming #webdev

Top comments (0)