gck1 5 hours ago

I don't understand how this can be enforced without ridiculous levels of false positives. I'm truly baffled. The same with the Claude Code situation.

gemini-cli, claude-code, codex etc, they ALL have a -p flag or equivalent, which is a non-interactive IO interface for their LLM inference.

If I wire my tooling (or openclaw) to use the -p flag (or equivalents), is that allowed?

Okay, maybe they get rid of the -p flag and I have to use an interactive session. I can then just use OS IO tooling to wire OpenClaw with their cli. Is that allowed?

How does sending requests directly to the endpoints that their CLI is communicating with suddenly make their subsidized plans expensive? Is it because now I can actually use my 100% quota? If that's so, does it mean their products are such that their profitability stands on people not using them?

What is even going on?

rustyhancock 4 hours ago

The direct answer is their clients play extra nice with their backend.

Specifically all optimize caching.

The indirect answer is that for everyone using third party tools to play about, there are 10x using it for spam or malicious use cases, hammering their backend far cheaper than if it was by API.

These people are the false positives in this situation, but whether Google or Claude care is unlikely. They're happy to ban you and expect you to sign up for the API.

This has always been a worry when you use a service like Google.

merlindru 5 hours ago

claude -p is allowed as far as I'm aware.

if i understand correctly, they even have a wrapper around it to make it easier to use: the Claude Agent SDK

the thing that's disallowed is pretending you're the claude binary, logging in through OAuth

in other words, if you use some product that's not Claude Code, and your browser opens asking you to "give Claude Code access to your account", you're in hot water

as for how they detect it: they say they use heuristics and usage patterns. if something falls wildly out of the distribution it's a ban.

my take is that the problem is not the means of detection. that's fine and seems to work well. the problem is that it's an instant outright ban. they should give you a couple warning emails, then a timeout, etc.

adastra22 4 hours ago

The Claude Agent SDK is explicitly disallowed from subscription use, as of a few days ago.

BoorishBears an hour ago

No it's not. You can't offer OAuth + the Claude Agent SDK in your own product, but you can use Claude Agent SDK locally by signing in through Claude Code.

It's no different than using Claude Code directly.

azuanrb an hour ago

I’m aware of the tweet that says otherwise, but until they update their legal documentation, it’s still not allowed.

> OAuth authentication (used with Free, Pro, and Max plans) is intended exclusively for Claude Code and Claude.ai. Using OAuth tokens obtained through Claude Free, Pro, or Max accounts in any other product, tool, or service — including the Agent SDK — is not permitted and constitutes a violation of the Consumer Terms of Service.

https://code.claude.com/docs/en/legal-and-compliance#authent...

BoorishBears an hour ago

It's not about a tweet, just read your own quote.

You cannot authenticate with anything but Claude Code and Claude.ai.

But you do not need to authenticate with Claude Agent SDK (even though you can using env variables).

When you authenticate with Claude Code (allowed), Claude Agent SDK works without any further authentication.

It's really annoying that people keep trying to make this complicated because the inevitable end result is that they remove authless usage of the Agent SDK and save themselves the headache.

I really hate Clawdb-Moltb-OpenC-NanoCode or whatever half-baked project the grifters are on this week for ruining a good thing for the rest of us.

akssassin907 3 hours ago

The heuristic detection approach is fine. The penalty ladder is broken.

Reasonable progression: warning email → quota throttle → AI Pro subscription suspended → Google account suspended.

They skipped to step 4 on a first offense, paid account, no appeal. That's not a terms enforcement system, that's a hostage situation. "Comply or lose your digital life."

The real lesson isn't "don't use OpenClaw." It's: never let one company own your primary identity infrastructure.

gopil 2 hours ago

Is OpenClaw a product though? It's more like a system/framework.

skeledrew 4 hours ago

Why a couple warnings and timeout? 1 warning that the next incident will lead to a ban should be enough. Treat people like adults, not kids.

nikcub 4 hours ago

> they say they use heuristics and usage patterns.

cache hit rate alone would stand out

mvdtnz 4 hours ago

What do you mean by this? What cache?

mirashii 4 hours ago

Generally speaking, there's prompt caching that can be enabled in the API with things like this: https://platform.claude.com/docs/en/build-with-claude/prompt...

For a specific harness, they've all found ways to optimize to get higher cache hit rates with their harness. Common system prompts and all, and more and more users hitting cache really makes the cost of inference go down dramatically.

What bothers me about a lot of the discussion about providers disallowing other harnesses with the subscription plans around here is the complete lack of awareness of how economies of scale from common caching practices across more users can enable the higher, cheaper quotas subscriptions give you.

lurkshark 5 minutes ago

I feel like a lot of this would go away if they made a different API for the “only for use with our client” subscriptions. A different API from the generic one, that moved some of their client behaviors up to the server seems like it would solve all this. People would still reverse engineer to use it in other tools but it would be less useful (due to the forced scaffolding instead of entirely generic completions API) and also ease the burden on their inference compute.

I’m sure they went with reusing the generic completions API to iterate faster and make it easier to support both subscription and pay-per-token users in the same client, but it feels like they’re burning trust/goodwill when a technical solution could at least be attempted.

nikcub 4 hours ago

prompt caching - big part of the reason why they can economically offer claude code plans. one of the ant team explains it here:

https://x.com/trq212/status/2024574133011673516

googinsider123 2 hours ago

Haha, no. I can tell you that it is so obvious and there is basically no false positives. Can’t share more details though.

If it makes you feel any better, some google employees have their personal accounts banned too (only Gemini access, not the whole account) for running openclaw, and also have a hard time getting their account reinstated.

andersmurphy 3 minutes ago

It's obvious why this is getting blocked: open claw will make multiple orders of magnitude more requests. For each open claw user you could support tens of thousands of regular users.

The financial costs would clearly be ruinous.

joshribakoff 4 hours ago

There are examples of labs banning these use cases for sure, as well as the presence of terms and conditions allowing them to ban you for merely “competing” with them. If you’re building, it could be worth locking in a contract first.

hendersoon 5 hours ago

The -p flag should be fine, so long as you don't use their oauth in a third-party tool. Gemini also supports A2A for this sort of thing.

gck1 4 hours ago

But the question is - why is the -p flag fine? It hits the same endpoints with the same OAuth token and same quotas.

Comments section here and on related news from Anthropic seems to be centered around the idea that the reason for these bans is that it burns tokens quickly, while their plans are subsidized. What changes with the -p flag? You're just using cli instead of HTTP.

Are the metrics from their cli more valuable than the treasure trove of prompt data that passes through to them either way that justifies this PR?

NitpickLawyer 2 hours ago

> Are the metrics from their cli more valuable than the treasure trove of prompt data that passes through to them either way that justifies this PR?

Yes. The only reason they subsidise all-you-can-prompt subscriptions is to collect additional data / signals. They can use those signals to further improve their models.

adastra22 3 hours ago

Because the ToS explicitly says the -p flag is fine, but the Agent SDK is not.

dev1ycan 5 hours ago

Every subscription's profitability stands on people forgetting to unsubscribe, how is this surprising?

gck1 4 hours ago

They're in the wrong business then. They're selling peak automation software, with the sales pitch of 'have AI do your work while you sleep'.

Are they banning their core offering? Are Ralph loops also banned for building software? Because I can drain my quota with a simple bash loop faster than any OpenClaw instance.

harrall 4 hours ago

You most likely don’t pay per call for your cellphone.

You most likely don’t pay per machine to use the gym.

You don’t pay per cup if they allow unlimited refills.

You are not supposed to go into an all-you-can-eat buffet and stuff steaks into your bag.

Sometimes not all of us want to do the math à la carte for every thing we use in life. Don’t ruin it for us.

akssassin907 3 hours ago

The buffet analogy breaks down here. Using OpenClaw isn't stuffing steaks in your bag — you're eating the same food, in the same seat, consuming the same tokens your subscription allows. Google banned you because they didn't like the plate you brought. Then took your house key as punishment.

The steaks-in-bag analogy would apply if you were somehow extracting MORE than your quota. You're not. You're just routing the same tokens differently.

dmix 4 hours ago

You must not work in the SaaS business if you think that

jcgrillo 3 hours ago

Not sure if this is sarcasm, but I'll respond as if it isn't. Having worked my entire career to date in the SaaS business, it is well known in some verticals that a large portion of revenue comes from companies that literally do not know they have purchased your product. And when you have a large customer like that, people are very careful to walk quietly and not do anything to notify them. I've seen it happen quite a few times.

mannanj 3 hours ago

I feel like it's about data quality. They want humans using the tools because that data is valuable and helps them improve the product. AIs using their product like OpenClaw makes their training missions harder. And even if you opt out of training, they are still using your data for non-training purposes (you can't opt out of that) and that human data is valuable.