undefined | Better HN

0 pointsmerlindru1mo ago0 comments

claude -p is allowed as far as I'm aware.

if i understand correctly, they even have a wrapper around it to make it easier to use: the Claude Agent SDK

the thing that's disallowed is pretending you're the claude binary, logging in through OAuth

in other words, if you use some product thats not Claude Code, and your browser opens asking you to "give Claude Code access to your account", you're in hot water

as for how they detect it: they say they use heuristics and usage patterns. if something falls wildly out of the distribution it's a ban.

my take is that the problem is not the means of detection. that's fine and seems to work well. the problem is that its an instant outright ban. they should give you a couple warning emails, then a timeout, etc.

0 comments

adastra221mo ago

The Claude Agent SDK is explicitly disallowed from subscription use, as of a few days ago.

BoorishBears1mo ago

No it's not. You can't offer OAuth + the Claude Agent SDK in your own product, but you can use Claude Agent SDK locally by signing in through Claude Code.

It's no different than using Claude Code directly.

azuanrb1mo ago

I’m aware of the tweet that says otherwise, but until they update their legal documentation, it’s still not allowed.

> OAuth authentication (used with Free, Pro, and Max plans) is intended exclusively for Claude Code and Claude.ai. Using OAuth tokens obtained through Claude Free, Pro, or Max accounts in any other product, tool, or service — including the Agent SDK — is not permitted and constitutes a violation of the Consumer Terms of Service.

https://code.claude.com/docs/en/legal-and-compliance#authent...

1 more reply

skeledrew1mo ago

Why a couple warnings and timeout? 1 warning that the next incident will lead to a ban should be enough. Treat people like adults, not kids.

merlindruOP1mo ago

adults make mistakes and the situation was murky without clear guidance.

this was the experience for some claude subscribers just a couple weeks ago:

1. download opencode

2. select claude as a model

3. browser window opens, asking you to sign in. typical oauth screen.

4. everything works, prompt away

5. some days/weeks pass

6. you get permanently banned

now if you add one warning email just before step (6.) then that doesn't really help. what if it bounces? what if people don't check their emails? put a big flashy red warning into claude code? sure, but what if users accidentally dismiss it or simply do not understand it (non tech folks, non native english speakers)

its just the friendly and correct thing to do, in my opinion

nikcub1mo ago

> they say they use heuristics and usage patterns.

cache hit rate alone would stand out

mvdtnz1mo ago

Why do you mean by this? What cache?

mirashii1mo ago

Generally speaking, there's prompt caching that can be enabled in the API with things like this: https://platform.claude.com/docs/en/build-with-claude/prompt...

For a specific harness, they've all found ways to optimize to get higher cache hit rates with their harness. Common system prompts and all, and more and more users hitting cache really makes the cost of inference go down dramatically.

What bothers me about a lot of the discussion about providers disallowing other harnesses with the subscription plans around here is the complete lack of awareness of how economies of scale from common caching practices across more users can enable the higher, cheaper quotas subscriptions give you.

1 more reply

nikcub1mo ago

prompt caching - big part of the reason why they can economically offer claude code plans. one of the ant team explain it here:

https://x.com/trq212/status/2024574133011673516

akssassin9071mo ago

The heuristic detection approach is fine. The penalty ladder is broken.

Reasonable progression: warning email → quota throttle → AI Pro subscription suspended → Google account suspended.

They skipped to step 4 on a first offense, paid account, no appeal. That's not a terms enforcement system, that's a hostage situation. "Comply or lose your digital life."

The real lesson isn't "don't use OpenClaw." It's: never let one company own your primary identity infrastructure.

gopil1mo ago

Is OpenClaw a product though? It's more like a system/framework.

j / k navigate · click thread line to collapse

0 comments

adastra221mo ago

The Claude Agent SDK is explicitly disallowed from subscription use, as of a few days ago.

BoorishBears1mo ago

No it's not. You can't offer OAuth + the Claude Agent SDK in your own product, but you can use Claude Agent SDK locally by signing in through Claude Code.

It's no different than using Claude Code directly.

azuanrb1mo ago

I’m aware of the tweet that says otherwise, but until they update their legal documentation, it’s still not allowed.

https://code.claude.com/docs/en/legal-and-compliance#authent...

1 more reply

skeledrew1mo ago

Why a couple warnings and timeout? 1 warning that the next incident will lead to a ban should be enough. Treat people like adults, not kids.

merlindruOP1mo ago

adults make mistakes and the situation was murky without clear guidance.

this was the experience for some claude subscribers just a couple weeks ago:

1. download opencode

2. select claude as a model

3. browser window opens, asking you to sign in. typical oauth screen.

4. everything works, prompt away

5. some days/weeks pass

6. you get permanently banned

its just the friendly and correct thing to do, in my opinion

nikcub1mo ago

> they say they use heuristics and usage patterns.

cache hit rate alone would stand out

mvdtnz1mo ago

Why do you mean by this? What cache?

mirashii1mo ago

Generally speaking, there's prompt caching that can be enabled in the API with things like this: https://platform.claude.com/docs/en/build-with-claude/prompt...

1 more reply

nikcub1mo ago

prompt caching - big part of the reason why they can economically offer claude code plans. one of the ant team explain it here:

https://x.com/trq212/status/2024574133011673516

akssassin9071mo ago

The heuristic detection approach is fine. The penalty ladder is broken.

Reasonable progression: warning email → quota throttle → AI Pro subscription suspended → Google account suspended.

They skipped to step 4 on a first offense, paid account, no appeal. That's not a terms enforcement system, that's a hostage situation. "Comply or lose your digital life."

The real lesson isn't "don't use OpenClaw." It's: never let one company own your primary identity infrastructure.

gopil1mo ago

Is OpenClaw a product though? It's more like a system/framework.

j / k navigate · click thread line to collapse